Rootkit problem with my Inspiron 5100


  • This topic is locked

#1
Brujo

Hi, I am in need of help! I have a Dell Inspiron 5100 that is very slow. I recently did a clean installation of Windows XP Home. After losing my installation disc a few years ago, I found a website that was selling them. I did an installation, updated everything (SP2, SP3, etc.), installed the AVG free version, did a scan, and found a rootkit. After all the updates my computer is very slow. I downloaded Malwarebytes and that didn't help. Please! All help will be very much appreciated.

Before I did the clean installation, I had problems with the computer. I thought that reinstalling Windows would fix it. I thought wrong.

Thanks in advance for all the help.

I'm including an OTL scan:




OTL logfile created on: 4/2/2011 12:40:48 PM - Run 3
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 55.00 Mb Available Physical Memory | 14.00% Memory free
922.00 Mb Paging File | 573.00 Mb Available in Paging File | 62.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36.28 Gb Total Space | 27.36 Gb Free Space | 75.41% Space Free | Partition Type: NTFS

Computer Name: TRANSMETAL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/01/25 12:10:42 | 003,313,504 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgmfapx.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/05/19 16:14:29 | 021,005,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SoftwareDistribution\Download\Install\NDP30SP2-KB982168-x86.exe
PRC - [2010/04/11 22:17:16 | 000,321,888 | ---- | M] (Microsoft Corporation) -- c:\67c75b18ebfef1c3e461a3bfd08b0c8a\HotFixInstaller.exe
PRC - [2009/03/08 04:31:54 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msfeedssync.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:23:36 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:23:34 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:23:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2003/03/21 10:26:40 | 000,164,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2002/12/17 11:41:36 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/07 22:31:36 | 000,539,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/30 17:56:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2002/09/03 09:34:19 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/25 01:32:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/02 12:40:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2011/04/02 12:37:27 | 000,000,000 | ---D | C] -- C:\67c75b18ebfef1c3e461a3bfd08b0c8a
[2011/03/31 17:57:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/03/30 17:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/03/30 17:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/03/30 17:45:12 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 17:43:44 | 000,645,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTS.exe
[2011/03/30 17:33:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/03/30 17:19:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/03/30 17:18:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/03/30 17:18:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/03/30 17:18:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/03/30 17:18:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/03/30 17:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/03/30 16:51:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/25 17:03:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/03/25 17:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/03/25 17:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/03/25 16:58:47 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011/03/25 16:58:47 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011/03/25 16:58:45 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011/03/25 16:58:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011/03/25 16:58:40 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011/03/25 16:58:40 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011/03/25 16:58:34 | 000,000,000 | ---D | C] -- C:\e79bbe30f08b99cb9b0d237153795bcc
[2011/03/25 16:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/03/25 16:53:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/25 16:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/25 16:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/25 16:53:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/25 16:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/25 16:12:34 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011/03/25 16:10:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/03/25 16:04:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/03/25 16:04:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/03/25 16:02:52 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/03/25 16:02:49 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011/03/25 16:01:10 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/03/25 15:44:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/25 15:18:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/25 15:18:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/25 15:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/25 15:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/25 14:58:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/25 14:36:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/03/25 14:33:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2011/03/25 14:31:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2011/03/25 14:20:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/03/25 14:20:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/03/25 14:20:21 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/03/25 14:20:20 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/03/25 14:20:13 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/03/25 14:20:13 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/03/25 14:19:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/03/25 14:16:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/03/25 14:16:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/03/25 13:22:52 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2011/03/25 13:22:51 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2011/03/25 13:22:51 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2011/03/25 13:22:48 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2011/03/25 13:22:48 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2011/03/25 13:22:48 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2011/03/25 13:22:47 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2011/03/25 13:22:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2011/03/25 13:22:46 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2011/03/25 13:22:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2011/03/25 13:22:46 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2011/03/25 13:22:46 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2011/03/25 13:22:44 | 002,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2011/03/25 13:22:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2011/03/25 13:22:43 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2011/03/25 13:22:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2011/03/25 13:22:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2011/03/25 13:22:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2011/03/25 13:22:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2011/03/25 13:22:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2011/03/25 13:22:26 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2011/03/25 13:22:25 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2011/03/25 13:22:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2011/03/25 13:22:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2011/03/25 13:22:24 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2011/03/25 13:22:24 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2011/03/25 13:22:24 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2011/03/25 13:22:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2011/03/25 13:22:18 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2011/03/25 13:22:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2011/03/25 13:21:54 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2011/03/25 13:21:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011/03/25 13:21:18 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2011/03/25 13:21:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2011/03/25 13:21:02 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2011/03/25 13:21:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2011/03/25 13:20:48 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011/03/25 13:20:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2011/03/25 13:20:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2011/03/25 13:20:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2011/03/25 13:20:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2011/03/25 13:20:25 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2011/03/25 13:20:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2011/03/25 13:19:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/03/25 13:19:12 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/03/25 13:19:11 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/03/25 13:18:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2011/03/25 13:18:44 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2011/03/25 13:18:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2011/03/25 13:18:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2011/03/25 13:18:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011/03/25 13:18:36 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011/03/25 13:18:28 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2011/03/25 13:18:19 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2011/03/25 13:18:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2011/03/25 13:18:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2011/03/25 13:18:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2011/03/25 13:18:16 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2011/03/25 13:18:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2011/03/25 13:18:02 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2011/03/25 13:17:05 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2011/03/25 13:16:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2011/03/25 13:16:53 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2011/03/25 13:16:51 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/03/25 13:16:50 | 000,262,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2011/03/25 13:16:50 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2011/03/25 13:16:50 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2011/03/25 13:16:48 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2011/03/25 13:16:47 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2011/03/25 13:16:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2011/03/25 13:16:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2011/03/25 13:16:30 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2011/03/25 13:16:28 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2011/03/25 13:16:18 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2011/03/25 13:15:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2011/03/25 13:14:38 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2011/03/25 13:14:38 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2011/03/25 13:14:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2011/03/25 13:14:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2011/03/25 13:14:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2011/03/25 13:14:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2011/03/25 13:13:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/03/25 13:11:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2011/03/25 13:11:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2011/03/25 13:11:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2011/03/25 13:11:31 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2011/03/25 13:11:31 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2011/03/25 13:11:30 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2011/03/25 13:11:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2011/03/25 13:11:05 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2011/03/25 13:11:04 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2011/03/25 13:11:03 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2011/03/25 13:10:53 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2011/03/25 13:10:52 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2011/03/25 13:10:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2011/03/25 13:10:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2011/03/25 13:10:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2011/03/25 13:10:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2011/03/25 13:10:46 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2011/03/25 13:10:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2011/03/25 13:10:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2011/03/25 13:09:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2011/03/25 13:08:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2011/03/25 13:08:17 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2011/03/25 13:08:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011/03/25 13:08:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2011/03/25 13:07:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2011/03/25 13:05:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011/03/25 12:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/03/25 12:03:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/25 11:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/25 11:55:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/03/25 11:53:39 | 000,357,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/03/25 11:53:11 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/03/25 11:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/03/25 11:51:27 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2011/03/25 11:50:52 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/03/25 11:49:44 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/03/25 11:48:57 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2011/03/25 11:48:57 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/03/25 11:48:50 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2011/03/25 11:48:48 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/03/25 11:48:48 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/03/25 11:48:47 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/03/25 11:48:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2011/03/25 11:46:22 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2011/03/25 11:46:14 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/03/25 11:45:02 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2011/03/25 09:09:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2011/03/25 09:09:00 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2011/03/25 09:07:43 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2011/03/25 09:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/03/25 08:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/03/25 08:43:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/03/25 08:42:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/03/25 08:36:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/25 08:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/03/25 08:35:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\UserData
[2011/03/25 08:31:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/03/25 08:20:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2011/03/25 08:20:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2011/03/25 08:20:40 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2011/03/25 08:20:40 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2011/03/25 08:20:40 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2011/03/25 08:20:40 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2011/03/25 08:20:40 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2011/03/25 08:20:40 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2011/03/25 08:20:40 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2011/03/25 08:20:39 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011/03/25 08:20:39 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011/03/25 08:20:39 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011/03/25 08:20:39 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011/03/25 08:20:39 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011/03/25 08:20:39 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011/03/25 08:20:39 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011/03/25 08:20:39 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011/03/25 08:20:39 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011/03/25 08:20:39 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011/03/25 08:20:39 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011/03/25 08:20:39 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011/03/25 08:20:39 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011/03/25 08:20:39 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011/03/25 08:20:39 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011/03/25 08:20:39 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011/03/25 08:20:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011/03/25 08:20:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011/03/25 08:20:39 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011/03/25 08:20:39 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011/03/25 08:20:38 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011/03/25 08:20:38 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2011/03/25 08:20:38 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2011/03/25 08:20:38 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2011/03/25 08:20:38 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2011/03/25 08:20:38 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2011/03/25 08:20:38 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2011/03/25 08:20:38 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2011/03/25 08:20:37 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011/03/25 08:20:37 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011/03/25 08:20:37 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011/03/25 08:20:37 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2011/03/25 08:20:36 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011/03/25 08:20:36 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011/03/25 08:20:36 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011/03/25 08:20:36 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011/03/25 08:20:36 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011/03/25 08:20:36 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2011/03/25 08:20:36 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011/03/25 08:20:36 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011/03/25 08:20:36 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2011/03/25 08:20:36 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2011/03/25 08:20:35 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2011/03/25 08:20:35 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011/03/25 08:20:35 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2011/03/25 08:20:35 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2011/03/25 08:20:35 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011/03/25 08:20:35 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2011/03/25 08:20:35 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011/03/25 08:20:35 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011/03/25 08:20:35 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011/03/25 08:20:35 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011/03/25 08:20:35 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2011/03/25 08:20:35 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011/03/25 08:20:35 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2011/03/25 08:20:34 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2011/03/25 08:20:34 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2011/03/25 08:20:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2011/03/25 08:20:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2011/03/25 08:20:34 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2011/03/25 08:20:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2011/03/25 08:20:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2011/03/25 08:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2011/03/25 08:20:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2011/03/25 08:20:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2011/03/25 08:20:33 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2011/03/25 08:20:33 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2011/03/25 08:20:33 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2011/03/25 08:20:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2011/03/25 08:20:33 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2011/03/25 08:20:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2011/03/25 08:20:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2011/03/25 08:20:32 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2011/03/25 08:20:32 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2011/03/25 08:20:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2011/03/25 08:20:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2011/03/25 08:20:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2011/03/25 08:20:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2011/03/25 08:20:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2011/03/25 08:20:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2011/03/25 08:20:31 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2011/03/25 08:20:31 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2011/03/25 08:20:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2011/03/25 08:20:31 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011/03/25 08:20:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2011/03/25 08:20:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2011/03/25 08:20:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2011/03/25 08:20:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2011/03/25 08:20:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2011/03/25 08:20:30 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2011/03/25 08:20:30 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2011/03/25 08:20:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2011/03/25 08:20:29 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2011/03/25 08:20:29 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2011/03/25 08:20:29 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2011/03/25 08:20:29 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2011/03/25 08:20:29 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2011/03/25 08:20:29 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2011/03/25 08:20:29 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2011/03/25 08:20:29 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2011/03/25 08:20:29 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2011/03/25 08:20:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2011/03/25 08:20:28 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2011/03/25 08:20:28 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2011/03/25 08:20:28 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2011/03/25 08:20:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011/03/25 08:20:28 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2011/03/25 08:20:27 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2011/03/25 08:20:27 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2011/03/25 08:20:27 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2011/03/25 08:20:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2011/03/25 08:20:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2011/03/25 08:20:26 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2011/03/25 08:20:26 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2011/03/25 08:20:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2011/03/25 08:20:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2011/03/25 08:20:26 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2011/03/25 08:20:26 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/03/25 08:20:26 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2011/03/25 08:20:26 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2011/03/25 08:20:25 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2011/03/25 08:20:25 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2011/03/25 08:20:25 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2011/03/25 08:20:25 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2011/03/25 08:20:25 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2011/03/25 08:20:25 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2011/03/25 08:20:24 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2011/03/25 08:20:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2011/03/25 08:20:24 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2011/03/25 08:20:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2011/03/25 08:20:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2011/03/25 08:17:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/03/25 08:13:34 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/03/25 08:13:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/03/25 08:13:08 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/03/25 08:10:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/03/25 08:10:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/03/25 02:07:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/03/25 02:01:08 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2011/03/25 01:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WinRAR
[2011/03/25 01:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SLD Codec Pack
[2011/03/25 01:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\SLD Codec Pack
[2011/03/25 01:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\WinRAR
[2011/03/25 01:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/03/25 01:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2011/03/25 01:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/03/25 01:36:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/03/25 01:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Identities
[2011/03/25 01:36:08 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/03/25 01:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2011/03/25 01:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2011/03/25 01:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft
[2011/03/25 01:36:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2011/03/25 01:36:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\Cookies
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Templates
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\PrintHood
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\NetHood
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Local Settings
[2011/03/25 01:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop
[2011/03/25 01:35:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/03/25 01:35:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/03/25 01:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/03/25 01:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/03/25 01:35:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/03/25 01:34:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/03/25 01:34:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/03/25 01:34:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/03/25 01:34:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/03/25 01:34:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/03/25 01:34:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/03/25 01:34:26 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/03/25 01:34:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/03/25 01:34:24 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/03/25 01:34:24 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/03/25 01:34:24 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/03/25 01:34:22 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/03/25 01:34:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/03/25 01:34:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/03/25 01:34:20 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/03/25 01:34:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/03/25 01:34:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/03/25 01:34:19 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/03/25 01:34:19 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/03/25 01:34:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/03/25 01:34:18 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/03/25 01:34:18 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/03/25 01:34:17 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/03/25 01:34:15 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/03/25 01:34:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/03/25 01:34:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/03/25 01:34:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/03/25 01:34:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/03/25 01:34:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/03/25 01:34:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/03/25 01:34:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/03/25 01:34:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/03/25 01:34:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2011/03/25 01:34:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/03/25 01:34:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/03/25 01:34:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/03/25 01:34:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/03/25 01:34:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/03/25 01:34:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/03/25 01:34:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/03/25 01:34:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/03/25 01:34:07 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2011/03/25 01:34:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/03/25 01:34:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/03/25 01:34:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2011/03/25 01:34:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/03/25 01:34:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/03/25 01:34:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/03/25 01:34:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/03/25 01:34:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/03/25 01:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/03/25 01:34:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/03/25 01:34:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/03/25 01:34:00 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/03/25 01:34:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/03/25 01:33:59 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/03/25 01:33:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/03/25 01:33:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/03/25 01:33:58 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/03/25 01:33:58 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/03/25 01:33:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/03/25 01:33:57 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/03/25 01:33:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/03/25 01:33:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/03/25 01:33:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/03/25 01:33:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/03/25 01:33:52 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/03/25 01:33:47 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/03/25 01:33:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/03/25 01:33:40 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/03/25 01:33:40 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/03/25 01:33:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/03/25 01:33:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/03/25 01:33:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/03/25 01:33:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/03/25 01:33:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/03/25 01:33:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/03/25 01:33:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/03/25 01:33:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/03/25 01:33:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/03/25 01:33:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/03/25 01:33:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/03/25 01:33:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/03/25 01:33:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/03/25 01:33:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/03/25 01:33:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/03/25 01:33:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/03/25 01:33:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/03/25 01:33:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/03/25 01:33:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/03/25 01:33:31 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/03/25 01:33:31 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/03/25 01:33:30 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/03/25 01:33:30 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/03/25 01:33:30 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/03/25 01:33:30 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/03/25 01:33:30 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/03/25 01:33:30 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/03/25 01:33:30 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/03/25 01:33:29 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/03/25 01:33:29 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/03/25 01:33:29 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/03/25 01:33:29 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/03/25 01:33:29 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/03/25 01:33:29 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/03/25 01:33:29 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/03/25 01:33:28 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/03/25 01:33:28 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/03/25 01:33:28 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/03/25 01:33:28 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/03/25 01:33:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/03/25 01:33:28 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/03/25 01:33:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/03/25 01:33:22 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/03/25 01:33:13 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/03/25 01:33:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/03/25 01:33:09 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/03/25 01:33:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/03/25 01:33:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/03/25 01:33:08 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/03/25 01:33:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/03/25 01:33:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/03/25 01:33:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/03/25 01:33:06 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/03/25 01:33:06 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/03/25 01:33:06 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/03/25 01:33:05 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2011/03/25 01:33:05 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/03/25 01:33:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/03/25 01:32:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/03/25 01:32:58 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/03/25 01:32:56 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/03/25 01:32:56 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/03/25 01:32:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/03/25 01:32:55 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/03/25 01:32:55 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/03/25 01:32:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/03/25 01:32:54 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/03/25 01:32:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/03/25 01:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/03/25 01:32:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/03/25 01:32:53 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/03/25 01:32:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/03/25 01:32:51 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/03/25 01:32:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/03/25 01:32:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/03/25 01:32:49 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2011/03/25 01:32:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/03/25 01:32:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/03/25 01:32:41 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2011/03/25 01:32:41 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2011/03/25 01:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/03/25 01:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/03/25 01:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/03/25 01:32:26 | 000,000,000 | ---D | C] -- C:\DELL
[2011/03/25 01:32:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2011/03/25 01:31:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/03/25 01:31:03 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/03/25 01:31:03 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/03/25 01:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/03/25 01:29:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2011/03/25 01:29:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2011/03/25 01:29:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2011/03/25 01:29:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2011/03/25 01:29:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2011/03/25 01:29:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2011/03/25 01:29:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2011/03/25 01:29:48 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2011/03/25 01:29:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2011/03/25 01:29:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2011/03/25 01:29:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2011/03/25 01:29:32 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011/03/25 01:29:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2011/03/25 01:29:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2011/03/25 01:29:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2011/03/25 01:29:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2011/03/25 01:29:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2011/03/25 01:29:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2011/03/25 01:29:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2011/03/25 01:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/03/25 01:29:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2011/03/25 01:29:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/03/25 01:29:20 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2011/03/25 01:29:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2011/03/25 01:29:20 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2011/03/25 01:29:20 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2011/03/25 01:29:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2011/03/25 01:29:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2011/03/25 01:29:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2011/03/25 01:29:17 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/03/25 01:29:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2011/03/25 01:29:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2011/03/25 01:29:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/03/25 01:29:16 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2011/03/25 01:29:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2011/03/25 01:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/03/25 01:29:12 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2011/03/25 01:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/03/25 01:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/03/25 01:29:07 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2011/03/25 01:29:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2011/03/25 01:29:05 | 000,319,542 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2011/03/25 01:29:05 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2011/03/25 01:29:05 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2011/03/25 01:29:05 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/03/25 01:28:58 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2011/03/25 01:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/03/25 01:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2011/03/25 01:28:57 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2011/03/25 01:28:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2011/03/25 01:28:56 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2011/03/25 01:28:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2011/03/25 01:28:52 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2011/03/25 01:28:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2011/03/25 01:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/03/25 01:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/03/25 01:28:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2011/03/25 01:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/03/25 01:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/03/25 01:28:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/03/25 01:28:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/03/25 01:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/03/25 01:28:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/03/25 01:28:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/03/25 01:27:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/03/25 01:27:41 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/03/25 01:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/03/25 01:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/03/25 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/03/25 01:27:30 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2011/03/25 01:27:30 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2011/03/25 01:27:30 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2011/03/25 01:27:29 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2011/03/25 01:27:29 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2011/03/25 01:27:29 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2011/03/25 01:27:29 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2011/03/25 01:27:29 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2011/03/25 01:27:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2011/03/25 01:27:29 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2011/03/25 01:27:29 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2011/03/25 01:27:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2011/03/25 01:27:28 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2011/03/25 01:27:28 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2011/03/25 01:27:28 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2011/03/25 01:27:28 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2011/03/25 01:27:28 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2011/03/25 01:27:27 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2011/03/25 01:27:27 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2011/03/25 01:27:27 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2011/03/25 01:27:26 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2011/03/25 01:27:26 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2011/03/25 01:27:26 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2011/03/25 01:27:26 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2011/03/25 01:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/03/25 01:27:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2011/03/25 01:27:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2011/03/25 01:27:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2011/03/25 01:27:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2011/03/25 01:27:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2011/03/25 01:27:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2011/03/25 01:27:14 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2011/03/25 01:27:13 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2011/03/25 01:27:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2011/03/25 01:27:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2011/03/25 01:27:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2011/03/25 01:27:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2011/03/25 01:27:13 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2011/03/25 01:27:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2011/03/25 01:27:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2011/03/25 01:27:13 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011/03/25 01:27:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2011/03/25 01:27:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2011/03/25 01:27:03 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2011/03/25 01:27:03 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2011/03/25 01:27:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2011/03/25 01:27:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2011/03/25 01:27:02 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2011/03/25 01:27:02 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2011/03/25 01:27:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2011/03/25 01:27:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2011/03/25 01:27:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2011/03/25 01:27:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2011/03/25 01:27:01 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2011/03/25 01:27:01 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2011/03/25 01:27:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2011/03/25 01:27:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2011/03/25 01:27:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2011/03/25 01:27:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2011/03/25 01:27:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2011/03/25 01:27:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2011/03/25 01:27:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2011/03/25 01:26:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2011/03/25 01:26:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2011/03/25 01:26:59 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2011/03/25 01:26:59 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2011/03/25 01:26:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2011/03/25 01:26:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2011/03/25 01:26:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2011/03/25 01:26:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2011/03/25 01:26:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2011/03/25 01:26:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2011/03/25 01:26:58 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2011/03/25 01:26:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2011/03/25 01:26:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2011/03/25 01:26:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2011/03/25 01:26:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2011/03/25 01:26:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2011/03/25 01:26:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2011/03/25 01:26:57 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2011/03/25 01:26:57 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2011/03/25 01:26:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2011/03/25 01:26:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2011/03/25 01:26:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2011/03/25 01:26:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2011/03/25 01:26:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2011/03/25 01:26:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2011/03/25 01:26:54 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2011/03/25 01:26:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2011/03/25 01:26:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2011/03/25 01:26:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2011/03/25 01:26:53 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2011/03/25 01:26:53 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2011/03/25 01:26:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2011/03/25 01:26:53 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2011/03/25 01:26:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2011/03/25 01:26:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2011/03/25 01:26:48 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2011/03/25 01:26:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2011/03/25 01:26:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2011/03/25 01:26:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2011/03/25 01:26:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2011/03/25 01:26:47 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2011/03/25 01:26:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2011/03/25 01:26:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2011/03/25 01:26:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2011/03/25 01:26:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2011/03/25 01:26:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2011/03/25 01:26:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2011/03/25 01:26:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2011/03/25 01:26:46 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2011/03/25 01:26:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2011/03/25 01:26:45 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2011/03/25 01:26:45 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2011/03/25 01:26:44 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2011/03/25 01:26:44 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2011/03/25 01:26:37 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2011/03/25 01:26:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2011/03/25 01:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/03/25 01:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/03/25 01:26:36 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2011/03/25 01:26:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2011/03/25 01:26:35 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/03/25 01:26:35 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/03/25 01:26:34 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2011/03/25 01:26:33 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2011/03/25 01:26:33 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2011/03/25 01:26:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2011/03/25 01:26:32 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2011/03/25 01:26:32 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2011/03/25 01:26:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2011/03/25 01:26:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2011/03/25 01:26:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2011/03/25 01:26:31 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2011/03/25 01:26:31 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2011/03/25 01:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/03/25 01:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/03/25 01:26:30 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2011/03/25 01:26:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2011/03/25 01:25:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/03/24 18:23:02 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2011/03/24 18:22:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2011/03/24 18:22:31 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2011/03/24 18:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/03/24 18:21:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2011/03/24 18:21:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2011/03/24 18:21:30 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2011/03/24 18:21:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2011/03/24 18:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/03/24 18:21:28 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/03/24 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/03/24 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/03/24 18:21:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2011/03/24 18:21:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2011/03/24 18:21:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2011/03/24 18:21:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2011/03/24 18:21:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2011/03/24 18:21:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2011/03/24 18:21:19 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2011/03/24 18:21:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2011/03/24 18:21:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2011/03/24 18:21:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2011/03/24 18:21:19 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2011/03/24 18:21:19 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2011/03/24 18:21:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2011/03/24 18:21:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2011/03/24 18:21:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2011/03/24 18:21:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2011/03/24 18:21:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2011/03/24 18:21:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2011/03/24 18:21:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2011/03/24 18:21:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2011/03/24 18:21:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2011/03/24 18:21:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2011/03/24 18:21:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2011/03/24 18:21:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2011/03/24 18:21:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2011/03/24 18:21:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2011/03/24 18:21:17 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2011/03/24 18:21:17 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2011/03/24 18:21:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2011/03/24 18:21:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2011/03/24 18:21:14 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2011/03/24 18:21:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2011/03/24 18:21:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2011/03/24 18:21:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2011/03/24 18:21:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2011/03/24 18:21:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2011/03/24 18:21:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2011/03/24 18:21:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2011/03/24 18:21:10 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011/03/24 18:21:10 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2011/03/24 18:21:10 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2011/03/24 18:21:10 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2011/03/24 18:21:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/03/24 18:21:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/03/24 18:21:09 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2011/03/24 18:21:09 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2011/03/24 18:21:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/03/24 18:21:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/03/24 18:21:09 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2011/03/24 18:21:09 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2011/03/24 18:21:09 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2011/03/24 18:21:09 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2011/03/24 18:21:09 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2011/03/24 18:21:09 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2011/03/24 18:21:08 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2011/03/24 18:21:08 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2011/03/24 18:21:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2011/03/24 18:21:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2011/03/24 18:21:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2011/03/24 18:21:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2011/03/24 18:21:08 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2011/03/24 18:21:08 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2011/03/24 18:21:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2011/03/24 18:21:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2011/03/24 18:21:08 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2011/03/24 18:21:08 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2011/03/24 18:21:08 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2011/03/24 18:21:08 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2011/03/24 18:21:08 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2011/03/24 18:21:08 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2011/03/24 18:21:07 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2011/03/24 18:21:07 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2011/03/24 18:21:07 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2011/03/24 18:21:07 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2011/03/24 18:21:07 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2011/03/24 18:21:07 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2011/03/24 18:21:07 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2011/03/24 18:21:07 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2011/03/24 18:21:07 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2011/03/24 18:21:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2011/03/24 18:21:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2011/03/24 18:21:07 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2011/03/24 18:21:07 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2011/03/24 18:21:07 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2011/03/24 18:21:07 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2011/03/24 18:21:07 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2011/03/24 18:21:07 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2011/03/24 18:21:07 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2011/03/24 18:21:07 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2011/03/24 18:21:07 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2011/03/24 18:21:07 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2011/03/24 18:21:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2011/03/24 18:21:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe
[2011/03/24 18:21:05 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\winspool.drv
[2011/03/24 18:21:05 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\batt.dll
[2011/03/24 18:21:03 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\storprop.dll
[2011/03/24 18:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
[2011/03/24 18:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu
[2011/03/24 18:20:54 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents
[2011/03/24 18:20:54 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Templates
[2011/03/24 18:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Favorites
[2011/03/24 18:20:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop
[2011/03/24 18:20:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2011/03/24 18:20:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2011/03/24 18:20:30 | 000,000,000 | --SD | C] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2011/03/24 18:20:30 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\All Users\Application Data
[2011/03/24 18:20:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings
[2011/03/24 18:14:25 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2011/03/24 18:14:25 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2011/03/24 18:14:25 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2011/03/24 18:14:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2011/03/24 18:14:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2011/03/20 08:45:56 | 000,042,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys
[2011/03/20 08:45:54 | 000,264,440 | ---- | C] (SigmaTel, Inc.) -- C:\WINDOWS\System32\drivers\stac97.sys
[2011/03/20 08:45:53 | 000,102,481 | ---- | C] (SigmaTel Inc.) -- C:\WINDOWS\System32\stac97.cpl
[2011/03/20 08:44:35 | 000,135,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys
[2011/03/20 08:39:18 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksuser.dll
[2011/03/20 08:39:17 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys
[2011/03/20 08:39:17 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksproxy.ax
[2011/03/20 08:35:38 | 000,042,368 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\bcm4sbxp.sys
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.tha
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.ptb
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.kor
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.jpn
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.fra
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.esp
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.deu
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.cht
[2011/03/20 08:35:32 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atridtxx.chs
[2011/03/20 08:35:29 | 000,073,728 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2011/03/20 08:35:29 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2011/03/20 08:35:29 | 000,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2011/03/20 08:35:27 | 003,936,340 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2011/03/20 08:35:26 | 000,648,697 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2011/03/20 08:35:26 | 000,270,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2011/03/20 08:35:25 | 001,022,907 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d2ag.dll
[2011/03/20 08:35:24 | 000,831,227 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2011/03/20 08:35:23 | 000,539,392 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2011/03/20 08:35:22 | 000,241,536 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2011/03/20 08:34:29 | 000,073,728 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2011/03/20 08:33:45 | 000,164,224 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS
[2011/03/20 08:33:44 | 000,102,400 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Atiidtxx.dll
[2011/03/20 08:33:44 | 000,028,672 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2011/03/20 08:33:44 | 000,016,384 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\Atridtxx.enu
[2011/03/20 08:33:43 | 000,049,152 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/02 23:58:24 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
[2011/04/02 23:56:57 | 000,432,924 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/04/02 23:56:57 | 000,067,714 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/04/02 12:50:00 | 110,823,527 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/04/02 12:35:23 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/04/02 12:35:18 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/03/31 17:35:09 | 000,293,019 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/03/30 17:56:55 | 000,000,690 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 17:43:47 | 000,645,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTS.exe
[2011/03/30 17:19:19 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/03/30 16:47:27 | 004,310,058 | R--- | M] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/03/25 17:26:10 | 000,095,072 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/25 16:53:37 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 16:38:45 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/03/25 15:47:53 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/25 14:57:37 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2011/03/25 14:31:29 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 12:29:26 | 000,005,764 | ---- | M] () -- C:\Documents and Settings\Owner\My Documents\root scan.csv
[2011/03/25 08:21:43 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/03/25 08:14:52 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/03/25 01:58:44 | 000,072,704 | ---- | M] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 01:55:07 | 000,000,700 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SLD Codec Selector.lnk
[2011/03/25 01:36:25 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/25 01:36:18 | 000,000,804 | ---- | M] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/25 01:36:17 | 000,025,065 | ---- | M] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/03/25 01:35:17 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/25 01:34:44 | 000,000,237 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/25 01:32:15 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 01:32:15 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/03/25 01:32:15 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2011/03/25 01:32:13 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/03/25 01:32:13 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/03/25 01:32:12 | 000,299,552 | ---- | M] () -- C:\WINDOWS\WMSysPrx.prx
[2011/03/25 01:32:00 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/25 01:28:32 | 000,021,640 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/20 17:07:56 | 000,301,568 | ---- | M] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/02 12:40:28 | 110,823,527 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm.prepare
[2011/03/31 17:54:55 | 000,301,568 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.exe
[2011/03/31 17:35:06 | 000,293,019 | ---- | C] () -- C:\Documents and Settings\Owner\Desktop\gmer.zip
[2011/03/31 17:33:23 | 110,518,771 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/03/30 17:56:55 | 000,000,690 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2011.lnk
[2011/03/30 17:19:19 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/03/30 17:19:15 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/03/30 17:18:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/03/30 17:18:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/03/30 17:18:18 | 000,089,088 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/03/30 17:18:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/03/30 17:18:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/03/30 16:47:27 | 004,310,058 | R--- | C] () -- C:\Documents and Settings\Owner\Desktop\ComboFix.exe
[2011/03/25 16:53:37 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/25 14:36:10 | 000,000,422 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
[2011/03/25 13:22:46 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2011/03/25 13:22:46 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2011/03/25 13:22:46 | 000,000,855 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2011/03/25 13:22:46 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2011/03/25 13:22:43 | 000,613,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2011/03/25 13:22:43 | 000,067,374 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2011/03/25 13:22:43 | 000,023,195 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2011/03/25 13:22:42 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2011/03/25 13:22:42 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2011/03/25 13:22:42 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2011/03/25 13:22:41 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2011/03/25 13:22:41 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2011/03/25 13:22:41 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2011/03/25 13:22:41 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2011/03/25 13:22:40 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2011/03/25 13:22:40 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2011/03/25 13:22:40 | 000,029,070 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2011/03/25 13:22:25 | 000,006,769 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2011/03/25 13:22:24 | 000,017,272 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2011/03/25 13:22:24 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2011/03/25 13:22:24 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2011/03/25 13:22:24 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2011/03/25 13:22:24 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2011/03/25 13:22:24 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2011/03/25 13:22:24 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2011/03/25 13:22:24 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2011/03/25 13:22:24 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2011/03/25 13:22:24 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2011/03/25 13:22:10 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2011/03/25 13:22:10 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2011/03/25 13:22:10 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2011/03/25 13:21:47 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2011/03/25 13:21:47 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2011/03/25 13:21:47 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2011/03/25 13:21:47 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2011/03/25 13:21:47 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2011/03/25 13:21:47 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2011/03/25 13:21:40 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2011/03/25 13:21:40 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2011/03/25 13:21:40 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2011/03/25 13:21:40 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2011/03/25 13:21:19 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2011/03/25 13:21:17 | 000,000,908 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2011/03/25 13:20:52 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2011/03/25 13:20:48 | 000,066,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2011/03/25 13:20:24 | 000,077,307 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2011/03/25 13:20:24 | 000,000,784 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2011/03/25 13:20:23 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2011/03/25 13:20:23 | 000,001,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2011/03/25 13:20:23 | 000,001,474 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2011/03/25 13:20:23 | 000,001,451 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2011/03/25 13:20:23 | 000,001,448 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2011/03/25 13:20:23 | 000,001,250 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2011/03/25 13:20:23 | 000,001,049 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2011/03/25 13:20:23 | 000,001,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2011/03/25 13:20:23 | 000,001,036 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2011/03/25 13:20:23 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2011/03/25 13:20:23 | 000,000,787 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2011/03/25 13:20:23 | 000,000,783 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2011/03/25 13:20:23 | 000,000,775 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2011/03/25 13:20:23 | 000,000,733 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2011/03/25 13:19:35 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2011/03/25 13:19:12 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2011/03/25 13:19:12 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2011/03/25 13:17:27 | 000,004,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxmlc.dll
[2011/03/25 13:17:26 | 000,844,314 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdxm.ocx
[2011/03/25 13:16:51 | 000,018,286 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2011/03/25 13:16:51 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2011/03/25 13:16:51 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2011/03/25 13:15:58 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2011/03/25 13:13:10 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2011/03/25 13:11:41 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2011/03/25 13:11:27 | 000,498,742 | ---- | C] () -- C:\WINDOWS\System32\dllcache\dxmasf.dll
[2011/03/25 13:09:42 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2011/03/25 13:09:42 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2011/03/25 13:09:42 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2011/03/25 13:09:42 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2011/03/25 13:09:28 | 000,184,959 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2011/03/25 13:09:25 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2011/03/25 13:09:24 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2011/03/25 13:09:24 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2011/03/25 13:09:13 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2011/03/25 13:09:13 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2011/03/25 13:08:15 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2011/03/25 12:29:26 | 000,005,764 | ---- | C] () -- C:\Documents and Settings\Owner\My Documents\root scan.csv
[2011/03/25 08:21:29 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2011/03/25 08:20:38 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2011/03/25 08:20:38 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2011/03/25 08:20:37 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2011/03/25 08:20:31 | 000,118,272 | ---- | C] () -- C:\WINDOWS\System32\mpeg2data.ax
[2011/03/25 01:55:07 | 000,000,700 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SLD Codec Selector.lnk
[2011/03/25 01:43:13 | 000,072,704 | ---- | C] () -- C:\Documents and Settings\Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/25 01:36:25 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2011/03/25 01:36:16 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Outlook Express.lnk
[2011/03/25 01:36:13 | 000,000,804 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/03/25 01:36:08 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/03/25 01:36:08 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Internet Explorer.lnk
[2011/03/25 01:36:04 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Remote Assistance.lnk
[2011/03/25 01:36:04 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\Owner\Start Menu\Programs\Windows Media Player.lnk
[2011/03/25 01:35:17 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2011/03/25 01:34:39 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/03/25 01:33:58 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/03/25 01:33:37 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/03/25 01:33:30 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/03/25 01:33:30 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/03/25 01:33:28 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/03/25 01:33:17 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/03/25 01:33:11 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/03/25 01:32:55 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/03/25 01:32:15 | 000,002,577 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/03/25 01:32:15 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2011/03/25 01:32:15 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2011/03/25 01:32:15 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2011/03/25 01:32:13 | 000,025,065 | ---- | C] () -- C:\WINDOWS\System32\wmpscheme.xml
[2011/03/25 01:32:13 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/03/25 01:32:13 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/03/25 01:32:12 | 000,299,552 | ---- | C] () -- C:\WINDOWS\WMSysPrx.prx
[2011/03/25 01:30:37 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2011/03/25 01:29:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2011/03/25 01:29:45 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2011/03/25 01:29:33 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2011/03/25 01:28:32 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/03/25 01:27:42 | 000,000,829 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Messenger.lnk
[2011/03/25 01:27:41 | 000,001,846 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\MSN Explorer.lnk
[2011/03/25 01:27:06 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2011/03/25 01:27:05 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prairie Wind.bmp
[2011/03/25 01:27:05 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe Stucco.bmp
[2011/03/25 01:27:05 | 000,026,680 | ---- | C] () -- C:\WINDOWS\River Sumida.bmp
[2011/03/25 01:27:05 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Greenstone.bmp
[2011/03/25 01:27:05 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2011/03/25 01:27:05 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Gone Fishing.bmp
[2011/03/25 01:27:05 | 000,016,730 | ---- | C] () -- C:\WINDOWS\FeatherTexture.bmp
[2011/03/25 01:27:04 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Soap Bubbles.bmp
[2011/03/25 01:27:04 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Coffee Bean.bmp
[2011/03/25 01:27:04 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blue Lace 16.bmp
[2011/03/25 01:27:00 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2011/03/25 01:26:59 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2011/03/25 01:26:57 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2011/03/25 01:26:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
[2011/03/24 18:21:38 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011/03/24 18:21:33 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/03/24 18:21:30 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2011/03/24 18:21:30 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2011/03/24 18:21:30 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2011/03/24 18:21:29 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2011/03/24 18:21:05 | 000,001,688 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2011/03/24 18:20:54 | 000,007,046 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/03/24 18:20:53 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/03/24 18:20:53 | 000,657,548 | ---- | C] () -- C:\WINDOWS\System32\dllcache\CLASSES.CAT
[2011/03/24 18:20:53 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/03/24 18:20:53 | 000,390,168 | ---- | C] () -- C:\WINDOWS\System32\dllcache\WFC.CAT
[2011/03/24 18:20:53 | 000,056,081 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DAJAVAC.CAT
[2011/03/24 18:20:53 | 000,052,311 | ---- | C] () -- C:\WINDOWS\System32\dllcache\DX3.CAT
[2011/03/24 18:20:53 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/03/24 18:20:53 | 000,022,151 | ---- | C] () -- C:\WINDOWS\System32\dllcache\TCLASSES.CAT
[2011/03/24 18:20:53 | 000,021,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\XMLDSOC.CAT
[2011/03/24 18:20:53 | 000,014,031 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSJDBC.CAT
[2011/03/24 18:20:53 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/03/24 18:20:53 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/03/24 18:20:05 | 000,095,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/03/24 18:19:27 | 000,000,327 | RHS- | C] () -- C:\boot.ini
[2011/03/24 18:19:24 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/03/20 08:35:22 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\ati2evxx.exe
[2004/12/20 03:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 03:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/08/02 14:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2002/12/14 14:46:02 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\oggDS.dll
[2002/12/14 14:46:02 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002/12/14 14:46:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2002/12/14 13:46:04 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2002/11/15 05:11:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\MMSwitch.dll
[2002/09/03 10:17:03 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/03 10:16:59 | 000,004,594 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/03 09:52:01 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/03 09:52:00 | 000,432,924 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/03 09:51:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/03 09:51:54 | 000,067,714 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/03 09:49:33 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/09/03 09:41:59 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/03 09:41:43 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/03 09:32:10 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/03 09:30:33 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

< End of report >

Edited by Brujo, 02 April 2011 - 02:24 PM.


#2
sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
Hello Brujo and welcome to G2G :D

When you did a clean installation of Windows, did you wipe or format the drive? Did you create a backup of files like .exe, .scr, .htm, .html, .xml, .zip/.rar files and replace them after the OS installation?

Did you run ComboFix without the guidance of a certified helper? Please note that:

You should not be using Combofix unless instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be "used under the guidance and supervision of an expert", NOT for general public or personal use. Combofix was never meant to be used as a general purpose malware scanner like SuperAntispyware or Malwarebytes' Anti-Malware. Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again. Please read Combofix's Disclaimer.


========================================


1. Please run another OTL scan and post the new report for my review.


2. Click Start > Run then copy/paste the following bolded text below. A log file will open, please post the contents in your next reply.

cmd /c dir /a /s C:\QooBox >log.txt&start log.txt


#3
Brujo

    Member

  • Topic Starter
  • 34 posts
I did the installation about three weeks ago. I had no backup. I installed AVG, Malwarebytes and everything else after the installation. I wanted to delete everything first using Boot & Nuke (I think that's what it's called) but I couldn't boot from CD.

Here is the OTL log:


OTL logfile created on: 4/5/2011 5:53:02 PM - Run 4
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Documents and Settings\Owner\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

383.00 Mb Total Physical Memory | 103.00 Mb Available Physical Memory | 27.00% Memory free
922.00 Mb Paging File | 447.00 Mb Available in Paging File | 49.00% Paging File free
Paging file location(s): C:\pagefile.sys 576 1152 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 36.28 Gb Total Space | 28.11 Gb Free Space | 77.48% Space Free | Partition Type: NTFS
Drive E: | 7.45 Gb Total Space | 2.54 Gb Free Space | 34.08% Space Free | Partition Type: FAT32

Computer Name: TRANSMETAL | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
PRC - [2011/01/07 01:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 01:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/07 01:22:12 | 001,052,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/01/06 15:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 16:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 16:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/10/22 04:56:58 | 000,845,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (SafeList) ==========

MOD - [2011/03/30 17:45:14 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
MOD - [2010/08/23 09:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/03/18 08:11:02 | 000,947,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/01/06 15:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 04:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)


========== Driver Services (SafeList) ==========

DRV - [2010/12/08 04:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 13:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/13 15:27:24 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/03 15:23:36 | 000,026,192 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/03 15:23:34 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/03 15:23:32 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2004/11/15 15:37:52 | 000,264,440 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\stac97.sys -- (STAC97) Audio Driver (WDM)
DRV - [2003/03/21 10:26:40 | 000,164,224 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2002/12/17 11:41:36 | 000,042,368 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2002/11/07 22:31:36 | 000,539,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-796845957-854245398-1343024091-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-796845957-854245398-1343024091-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/30 17:56:10 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2002/09/03 09:34:19 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [ATIModeChange] C:\WINDOWS\System32\Ati2mdxx.exe (ATI Technologies, Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-796845957-854245398-1343024091-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-796845957-854245398-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-796845957-854245398-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-796845957-854245398-1343024091-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/03/25 01:32:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/05 17:34:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/04/03 00:28:47 | 000,000,000 | ---D | C] -- C:\8e921d0dbe33533a6ce5c824f77200
[2011/04/03 00:17:29 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhid.sys
[2011/04/03 00:06:07 | 000,000,000 | ---D | C] -- C:\895d0f6cb024d873ae1c
[2011/04/02 21:30:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\PCHealth
[2011/03/31 17:57:55 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/03/30 17:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2011/03/30 17:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2011
[2011/03/30 17:45:12 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTL.exe
[2011/03/30 17:43:44 | 000,645,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Owner\Desktop\OTS.exe
[2011/03/30 17:33:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/03/30 17:19:14 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/03/30 17:18:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/03/30 17:18:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/03/30 17:18:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/03/30 17:18:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/03/30 17:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/03/30 16:51:26 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/03/25 17:03:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2011/03/25 17:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2011/03/25 17:01:19 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2011/03/25 16:58:47 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2011/03/25 16:58:47 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2011/03/25 16:58:45 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2011/03/25 16:58:42 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2011/03/25 16:58:40 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2011/03/25 16:58:40 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2011/03/25 16:58:34 | 000,000,000 | ---D | C] -- C:\e79bbe30f08b99cb9b0d237153795bcc
[2011/03/25 16:53:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Malwarebytes
[2011/03/25 16:53:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011/03/25 16:53:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/25 16:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/03/25 16:53:20 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/03/25 16:53:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/25 16:12:34 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2011/03/25 16:10:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2011/03/25 16:04:25 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndproxy.sys
[2011/03/25 16:04:02 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wab.exe
[2011/03/25 16:02:52 | 000,953,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc40u.dll
[2011/03/25 16:02:49 | 000,974,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mfc42.dll
[2011/03/25 16:01:10 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\comctl32.dll
[2011/03/25 15:44:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/03/25 15:18:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2011/03/25 15:18:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011/03/25 15:18:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2011/03/25 15:18:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011/03/25 14:58:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011/03/25 14:36:42 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IECompatCache
[2011/03/25 14:33:26 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\PrivacIE
[2011/03/25 14:31:00 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\IETldCache
[2011/03/25 14:20:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2011/03/25 14:20:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/03/25 14:20:21 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/03/25 14:20:20 | 001,991,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/03/25 14:20:13 | 011,080,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/03/25 14:20:13 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2011/03/25 14:19:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2011/03/25 14:16:50 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2011/03/25 14:16:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2011/03/25 13:22:52 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvds32.ax
[2011/03/25 13:22:51 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmoe2.dll
[2011/03/25 13:22:51 | 000,809,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2011/03/25 13:22:48 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmspdmoe.dll
[2011/03/25 13:22:48 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmstream.dll
[2011/03/25 13:22:48 | 000,278,559 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmv8ds32.ax
[2011/03/25 13:22:47 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe2.dll
[2011/03/25 13:22:47 | 000,115,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmoe.dll
[2011/03/25 13:22:46 | 000,759,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmsdmod.dll
[2011/03/25 13:22:46 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpns.dll
[2011/03/25 13:22:46 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpshell.dll
[2011/03/25 13:22:46 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpui.dll
[2011/03/25 13:22:44 | 002,940,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmploc.dll
[2011/03/25 13:22:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmplayer.exe
[2011/03/25 13:22:43 | 000,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2011/03/25 13:22:43 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpband.dll
[2011/03/25 13:22:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcore.dll
[2011/03/25 13:22:43 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpcd.dll
[2011/03/25 13:22:40 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpasf.dll
[2011/03/25 13:22:40 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmp.ocx
[2011/03/25 13:22:26 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmidx.dll
[2011/03/25 13:22:25 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmerror.dll
[2011/03/25 13:22:25 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmlog.dll
[2011/03/25 13:22:25 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmdmps.dll
[2011/03/25 13:22:24 | 000,670,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmoe.dll
[2011/03/25 13:22:24 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmadmod.dll
[2011/03/25 13:22:24 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmasf.dll
[2011/03/25 13:22:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2011/03/25 13:22:18 | 000,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2011/03/25 13:22:08 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\verclsid.exe
[2011/03/25 13:21:54 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unregmp2.exe
[2011/03/25 13:21:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2011/03/25 13:21:18 | 000,086,016 | ---- | C] (Sipro Lab Telecom Inc.) -- C:\WINDOWS\System32\dllcache\sl_anet.acm
[2011/03/25 13:21:15 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shmedia.dll
[2011/03/25 13:21:02 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\setup_wm.exe
[2011/03/25 13:21:01 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2011/03/25 13:20:48 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2011/03/25 13:20:44 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2011/03/25 13:20:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2011/03/25 13:20:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2011/03/25 13:20:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2011/03/25 13:20:25 | 000,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2011/03/25 13:20:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2011/03/25 13:19:13 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npwmsdrm.dll
[2011/03/25 13:19:12 | 000,364,544 | ---- | C] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\WINDOWS\System32\dllcache\npdsplay.dll
[2011/03/25 13:19:11 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\npdrmv2.dll
[2011/03/25 13:18:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2011/03/25 13:18:44 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2011/03/25 13:18:44 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2011/03/25 13:18:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msxml6r.dll
[2011/03/25 13:18:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll
[2011/03/25 13:18:36 | 001,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2011/03/25 13:18:28 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mswmdm.dll
[2011/03/25 13:18:19 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2011/03/25 13:18:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2011/03/25 13:18:18 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscp.dll
[2011/03/25 13:18:18 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msscds32.ax
[2011/03/25 13:18:16 | 000,201,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsp.dll
[2011/03/25 13:18:16 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspmsnsv.dll
[2011/03/25 13:18:02 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msnetobj.dll
[2011/03/25 13:17:05 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msaud32.acm
[2011/03/25 13:16:58 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadds32.ax
[2011/03/25 13:16:53 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpvis.dll
[2011/03/25 13:16:51 | 000,004,639 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplayer2.exe
[2011/03/25 13:16:50 | 000,262,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2011/03/25 13:16:50 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4dmod.dll
[2011/03/25 13:16:50 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2011/03/25 13:16:48 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdmod.dll
[2011/03/25 13:16:47 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp43dmod.dll
[2011/03/25 13:16:32 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2011/03/25 13:16:31 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2011/03/25 13:16:30 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2011/03/25 13:16:28 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2011/03/25 13:16:18 | 000,786,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migrate.exe
[2011/03/25 13:15:26 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\laprxy.dll
[2011/03/25 13:14:38 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\dllcache\l3codeca.acm
[2011/03/25 13:14:38 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2011/03/25 13:14:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2011/03/25 13:14:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2011/03/25 13:14:15 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2011/03/25 13:14:12 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2011/03/25 13:13:22 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll
[2011/03/25 13:11:32 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2011/03/25 13:11:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2011/03/25 13:11:32 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2011/03/25 13:11:31 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2011/03/25 13:11:31 | 000,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2011/03/25 13:11:30 | 000,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2011/03/25 13:11:30 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2011/03/25 13:11:05 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmv2clt.dll
[2011/03/25 13:11:04 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmstor.dll
[2011/03/25 13:11:03 | 000,299,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\drmclien.dll
[2011/03/25 13:10:53 | 000,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2011/03/25 13:10:52 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2011/03/25 13:10:51 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2011/03/25 13:10:51 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2011/03/25 13:10:51 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2011/03/25 13:10:51 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2011/03/25 13:10:46 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dlimport.exe
[2011/03/25 13:10:39 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2011/03/25 13:10:28 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2011/03/25 13:09:56 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\custsat.dll
[2011/03/25 13:08:53 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cewmdm.dll
[2011/03/25 13:08:17 | 000,286,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\blackbox.dll
[2011/03/25 13:08:15 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2011/03/25 13:08:11 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2011/03/25 13:07:04 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asferror.dll
[2011/03/25 13:05:42 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2011/03/25 12:13:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\AVG10
[2011/03/25 12:03:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/03/25 11:55:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/25 11:55:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/03/25 11:53:39 | 000,357,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2011/03/25 11:53:11 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/03/25 11:52:34 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/03/25 11:51:27 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2011/03/25 11:50:52 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2011/03/25 11:49:44 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/03/25 11:48:57 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2011/03/25 11:48:57 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[2011/03/25 11:48:50 | 000,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2011/03/25 11:48:48 | 002,192,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2011/03/25 11:48:48 | 002,148,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2011/03/25 11:48:47 | 002,027,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2011/03/25 11:48:22 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2011/03/25 11:46:22 | 000,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2011/03/25 11:46:14 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msadce.dll
[2011/03/25 11:45:02 | 002,066,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstscax.dll
[2011/03/25 09:09:02 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2011/03/25 09:09:00 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2011/03/25 09:07:43 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpsp3res.dll
[2011/03/25 09:07:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2011/03/25 08:43:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2011/03/25 08:43:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2011/03/25 08:42:21 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2011/03/25 08:36:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/03/25 08:35:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2011/03/25 08:35:07 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\UserData
[2011/03/25 08:31:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2011/03/25 08:20:49 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logman.exe
[2011/03/25 08:20:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\proxycfg.exe
[2011/03/25 08:20:40 | 000,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2011/03/25 08:20:40 | 000,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2011/03/25 08:20:40 | 000,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2011/03/25 08:20:40 | 000,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2011/03/25 08:20:40 | 000,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2011/03/25 08:20:40 | 000,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2011/03/25 08:20:40 | 000,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2011/03/25 08:20:39 | 000,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2011/03/25 08:20:39 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2011/03/25 08:20:39 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2011/03/25 08:20:39 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2011/03/25 08:20:39 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2011/03/25 08:20:39 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2011/03/25 08:20:39 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2011/03/25 08:20:39 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2011/03/25 08:20:39 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2011/03/25 08:20:39 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2011/03/25 08:20:39 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2011/03/25 08:20:39 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2011/03/25 08:20:39 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2011/03/25 08:20:39 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2011/03/25 08:20:39 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2011/03/25 08:20:39 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2011/03/25 08:20:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2011/03/25 08:20:39 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2011/03/25 08:20:39 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2011/03/25 08:20:39 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2011/03/25 08:20:38 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2011/03/25 08:20:38 | 000,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2011/03/25 08:20:38 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2011/03/25 08:20:38 | 000,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2011/03/25 08:20:38 | 000,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2011/03/25 08:20:38 | 000,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2011/03/25 08:20:38 | 000,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2011/03/25 08:20:38 | 000,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2011/03/25 08:20:37 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2011/03/25 08:20:37 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2011/03/25 08:20:37 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2011/03/25 08:20:37 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2011/03/25 08:20:36 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2011/03/25 08:20:36 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2011/03/25 08:20:36 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2011/03/25 08:20:36 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2011/03/25 08:20:36 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2011/03/25 08:20:36 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2011/03/25 08:20:36 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2011/03/25 08:20:36 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2011/03/25 08:20:36 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2011/03/25 08:20:36 | 000,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2011/03/25 08:20:35 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2011/03/25 08:20:35 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2011/03/25 08:20:35 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2011/03/25 08:20:35 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2011/03/25 08:20:35 | 000,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2011/03/25 08:20:35 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2011/03/25 08:20:35 | 000,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2011/03/25 08:20:35 | 000,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2011/03/25 08:20:35 | 000,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2011/03/25 08:20:35 | 000,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2011/03/25 08:20:35 | 000,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2011/03/25 08:20:35 | 000,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2011/03/25 08:20:35 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2011/03/25 08:20:34 | 002,113,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dxdiagn.dll
[2011/03/25 08:20:34 | 001,689,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3d9.dll
[2011/03/25 08:20:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthprops.cpl
[2011/03/25 08:20:34 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\blastcln.exe
[2011/03/25 08:20:34 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\btpanui.dll
[2011/03/25 08:20:34 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bthci.dll
[2011/03/25 08:20:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\auditusr.exe
[2011/03/25 08:20:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmsetacl.dll
[2011/03/25 08:20:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx2.dll
[2011/03/25 08:20:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx3.dll
[2011/03/25 08:20:33 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2011/03/25 08:20:33 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fsquirt.exe
[2011/03/25 08:20:33 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\firewall.cpl
[2011/03/25 08:20:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fwcfg.dll
[2011/03/25 08:20:33 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2011/03/25 08:20:33 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2011/03/25 08:20:33 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\fltmc.exe
[2011/03/25 08:20:32 | 000,380,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irprops.cpl
[2011/03/25 08:20:32 | 000,154,624 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\ivfsrc.ax
[2011/03/25 08:20:32 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdfi1.dll
[2011/03/25 08:20:32 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinmal.dll
[2011/03/25 08:20:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt47.dll
[2011/03/25 08:20:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinben.dll
[2011/03/25 08:20:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdinbe1.dll
[2011/03/25 08:20:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmaori.dll
[2011/03/25 08:20:31 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdmod.dll
[2011/03/25 08:20:31 | 000,310,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mp43dmod.dll
[2011/03/25 08:20:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdadiag.dll
[2011/03/25 08:20:31 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2011/03/25 08:20:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsno.dll
[2011/03/25 08:20:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsmsfi.dll
[2011/03/25 08:20:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdukx.dll
[2011/03/25 08:20:31 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdno1.dll
[2011/03/25 08:20:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmlt48.dll
[2011/03/25 08:20:30 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2011/03/25 08:20:30 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2011/03/25 08:20:30 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netsetup.cpl
[2011/03/25 08:20:29 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2011/03/25 08:20:29 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgraph.dll
[2011/03/25 08:20:29 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2011/03/25 08:20:29 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2011/03/25 08:20:29 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2p.dll
[2011/03/25 08:20:29 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pnetsh.dll
[2011/03/25 08:20:29 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\p2pgasvc.dll
[2011/03/25 08:20:29 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2011/03/25 08:20:29 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\powercfg.exe
[2011/03/25 08:20:29 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sdhcinst.dll
[2011/03/25 08:20:28 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2011/03/25 08:20:28 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2011/03/25 08:20:28 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2011/03/25 08:20:28 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2011/03/25 08:20:28 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smbinst.exe
[2011/03/25 08:20:27 | 001,119,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmsdmoe2.dll
[2011/03/25 08:20:27 | 000,168,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmerror.dll
[2011/03/25 08:20:27 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmidx.dll
[2011/03/25 08:20:27 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmpasf.dll
[2011/03/25 08:20:27 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winshfhc.dll
[2011/03/25 08:20:26 | 001,001,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmoe2.dll
[2011/03/25 08:20:26 | 000,897,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmoe.dll
[2011/03/25 08:20:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll
[2011/03/25 08:20:26 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuapi.dll
[2011/03/25 08:20:26 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmspdmod.dll
[2011/03/25 08:20:26 | 000,217,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaucpl.cpl
[2011/03/25 08:20:26 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuauclt1.exe
[2011/03/25 08:20:26 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wscui.cpl
[2011/03/25 08:20:25 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll
[2011/03/25 08:20:25 | 000,327,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wucltui.dll
[2011/03/25 08:20:25 | 000,209,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuweb.dll
[2011/03/25 08:20:25 | 000,183,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng1.dll
[2011/03/25 08:20:25 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups.dll
[2011/03/25 08:20:25 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wups.dll
[2011/03/25 08:20:24 | 000,438,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpob2res.dll
[2011/03/25 08:20:24 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xmlprovi.dll
[2011/03/25 08:20:24 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2011/03/25 08:20:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\peernet
[2011/03/25 08:20:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\provisioning
[2011/03/25 08:17:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2011/03/25 08:13:34 | 000,016,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2011/03/25 08:13:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2011/03/25 08:13:08 | 000,026,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2011/03/25 08:10:45 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011/03/25 08:10:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2011/03/25 02:07:26 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2011/03/25 02:01:08 | 000,060,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys
[2011/03/25 01:55:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\WinRAR
[2011/03/25 01:55:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SLD Codec Pack
[2011/03/25 01:54:52 | 000,000,000 | ---D | C] -- C:\Program Files\SLD Codec Pack
[2011/03/25 01:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\WinRAR
[2011/03/25 01:53:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
[2011/03/25 01:53:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\My Documents\Downloads
[2011/03/25 01:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011/03/25 01:36:19 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2011/03/25 01:36:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Application Data\Identities
[2011/03/25 01:36:08 | 000,000,000 | -H-D | C] -- C:\Program Files\Uninstall Information
[2011/03/25 01:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Pictures
[2011/03/25 01:36:07 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents\My Music
[2011/03/25 01:36:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Local Settings\Application Data\Microsoft
[2011/03/25 01:36:03 | 000,000,000 | --SD | C] -- C:\Documents and Settings\Owner\Application Data\Microsoft
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\SendTo
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Recent
[2011/03/25 01:36:03 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Owner\Application Data
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Startup
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\My Documents
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Favorites
[2011/03/25 01:36:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Owner\Start Menu\Programs\Accessories
[2011/03/25 01:36:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Owner\Cookies
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Templates
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\PrintHood
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\NetHood
[2011/03/25 01:36:03 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\Owner\Local Settings
[2011/03/25 01:36:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Owner\Desktop
[2011/03/25 01:35:58 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2011/03/25 01:35:55 | 000,000,000 | --SD | C] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2011/03/25 01:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2011/03/25 01:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2011/03/25 01:35:54 | 000,000,000 | --SD | C] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2011/03/25 01:34:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/03/25 01:34:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/03/25 01:34:28 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/03/25 01:34:27 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/03/25 01:34:27 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/03/25 01:34:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/03/25 01:34:26 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/03/25 01:34:26 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/03/25 01:34:24 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/03/25 01:34:24 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/03/25 01:34:24 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/03/25 01:34:22 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/03/25 01:34:22 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/03/25 01:34:21 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/03/25 01:34:20 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/03/25 01:34:20 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/03/25 01:34:20 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/03/25 01:34:19 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/03/25 01:34:19 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/03/25 01:34:18 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/03/25 01:34:18 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/03/25 01:34:18 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/03/25 01:34:17 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/03/25 01:34:15 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/03/25 01:34:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/03/25 01:34:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/03/25 01:34:13 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/03/25 01:34:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/03/25 01:34:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/03/25 01:34:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/03/25 01:34:12 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/03/25 01:34:12 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/03/25 01:34:12 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpapi.dll
[2011/03/25 01:34:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/03/25 01:34:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/03/25 01:34:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/03/25 01:34:11 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/03/25 01:34:11 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/03/25 01:34:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/03/25 01:34:11 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/03/25 01:34:11 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/03/25 01:34:11 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/03/25 01:34:07 | 000,205,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seo.dll
[2011/03/25 01:34:07 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/03/25 01:34:07 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/03/25 01:34:06 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_rwnh.dll
[2011/03/25 01:34:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/03/25 01:34:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/03/25 01:34:04 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/03/25 01:34:03 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/03/25 01:34:03 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/03/25 01:34:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/03/25 01:34:01 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/03/25 01:34:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/03/25 01:34:00 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/03/25 01:34:00 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/03/25 01:33:59 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/03/25 01:33:59 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/03/25 01:33:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/03/25 01:33:58 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/03/25 01:33:58 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/03/25 01:33:58 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/03/25 01:33:57 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/03/25 01:33:57 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/03/25 01:33:57 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/03/25 01:33:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/03/25 01:33:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/03/25 01:33:52 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/03/25 01:33:47 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/03/25 01:33:47 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/03/25 01:33:40 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/03/25 01:33:40 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/03/25 01:33:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/03/25 01:33:37 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/03/25 01:33:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/03/25 01:33:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/03/25 01:33:37 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/03/25 01:33:36 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/03/25 01:33:36 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/03/25 01:33:36 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/03/25 01:33:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/03/25 01:33:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/03/25 01:33:36 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/03/25 01:33:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/03/25 01:33:35 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/03/25 01:33:34 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/03/25 01:33:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/03/25 01:33:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/03/25 01:33:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/03/25 01:33:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/03/25 01:33:33 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/03/25 01:33:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/03/25 01:33:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/03/25 01:33:33 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/03/25 01:33:31 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/03/25 01:33:31 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/03/25 01:33:30 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/03/25 01:33:30 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/03/25 01:33:30 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/03/25 01:33:30 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/03/25 01:33:30 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/03/25 01:33:30 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/03/25 01:33:30 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/03/25 01:33:29 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/03/25 01:33:29 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/03/25 01:33:29 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/03/25 01:33:29 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/03/25 01:33:29 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/03/25 01:33:29 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/03/25 01:33:29 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/03/25 01:33:28 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/03/25 01:33:28 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/03/25 01:33:28 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/03/25 01:33:28 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/03/25 01:33:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/03/25 01:33:28 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/03/25 01:33:28 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/03/25 01:33:22 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/03/25 01:33:13 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/03/25 01:33:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/03/25 01:33:09 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/03/25 01:33:09 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/03/25 01:33:09 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/03/25 01:33:08 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/03/25 01:33:08 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/03/25 01:33:07 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/03/25 01:33:07 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/03/25 01:33:06 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/03/25 01:33:06 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/03/25 01:33:06 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/03/25 01:33:05 | 000,514,587 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\edb500.dll
[2011/03/25 01:33:05 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/03/25 01:33:00 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/03/25 01:32:59 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/03/25 01:32:58 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/03/25 01:32:56 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/03/25 01:32:56 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/03/25 01:32:56 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/03/25 01:32:55 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/03/25 01:32:55 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/03/25 01:32:55 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/03/25 01:32:54 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/03/25 01:32:54 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/03/25 01:32:54 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/03/25 01:32:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/03/25 01:32:53 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/03/25 01:32:53 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/03/25 01:32:51 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/03/25 01:32:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/03/25 01:32:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/03/25 01:32:49 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqueue.dll
[2011/03/25 01:32:49 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/03/25 01:32:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/03/25 01:32:41 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpsnap.dll
[2011/03/25 01:32:41 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpadm.dll
[2011/03/25 01:32:30 | 000,000,000 | ---D | C] -- C:\Program Files\xerox
[2011/03/25 01:32:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2011/03/25 01:32:29 | 000,000,000 | ---D | C] -- C:\Program Files\microsoft frontpage
[2011/03/25 01:32:26 | 000,000,000 | ---D | C] -- C:\DELL
[2011/03/25 01:32:00 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mapi32.dll
[2011/03/25 01:31:13 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\DRM
[2011/03/25 01:31:03 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2011/03/25 01:31:03 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2011/03/25 01:30:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2011/03/25 01:29:50 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrslv.dll
[2011/03/25 01:29:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrcdlg.dll
[2011/03/25 01:29:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\racpldlg.dll
[2011/03/25 01:29:50 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\safrdm.dll
[2011/03/25 01:29:49 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\notiflag.exe
[2011/03/25 01:29:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\atrace.dll
[2011/03/25 01:29:49 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\atrace.dll
[2011/03/25 01:29:48 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helphost.exe
[2011/03/25 01:29:48 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\brpinfo.dll
[2011/03/25 01:29:48 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hcappres.dll
[2011/03/25 01:29:33 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srdiag.exe
[2011/03/25 01:29:32 | 000,032,768 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\isrdbg32.dll
[2011/03/25 01:29:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmevtmsg.dll
[2011/03/25 01:29:32 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nmevtmsg.dll
[2011/03/25 01:29:30 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wb32.exe
[2011/03/25 01:29:29 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msinfo32.exe
[2011/03/25 01:29:29 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cb32.exe
[2011/03/25 01:29:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\acctres.dll
[2011/03/25 01:29:28 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\acctres.dll
[2011/03/25 01:29:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Services
[2011/03/25 01:29:26 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetres.dll
[2011/03/25 01:29:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2011/03/25 01:29:20 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcfg.dll
[2011/03/25 01:29:20 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\isign32.dll
[2011/03/25 01:29:20 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwdial.dll
[2011/03/25 01:29:20 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icwphbk.dll
[2011/03/25 01:29:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icfgnt5.dll
[2011/03/25 01:29:20 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icfgnt5.dll
[2011/03/25 01:29:18 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trialoc.dll
[2011/03/25 01:29:17 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwtutor.exe
[2011/03/25 01:29:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwres.dll
[2011/03/25 01:29:17 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoapr.dll
[2011/03/25 01:29:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/03/25 01:29:16 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mssoap1.dll
[2011/03/25 01:29:16 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wisc10.dll
[2011/03/25 01:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MSSoap
[2011/03/25 01:29:12 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieinfo5.ocx
[2011/03/25 01:29:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2011/03/25 01:29:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2011/03/25 01:29:07 | 000,520,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmpvis.dll
[2011/03/25 01:29:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qmgrprxy.dll
[2011/03/25 01:29:05 | 000,319,542 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmres.dll
[2011/03/25 01:29:05 | 000,163,897 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmutil.dll
[2011/03/25 01:29:05 | 000,110,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmmfilt.dll
[2011/03/25 01:29:05 | 000,000,000 | ---D | C] -- C:\Program Files\Movie Maker
[2011/03/25 01:28:58 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\srrstr.dll
[2011/03/25 01:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2011/03/25 01:28:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHealth
[2011/03/25 01:28:57 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ils.dll
[2011/03/25 01:28:56 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msconf.dll
[2011/03/25 01:28:56 | 000,034,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mnmdd.dll
[2011/03/25 01:28:56 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nmmkcert.dll
[2011/03/25 01:28:52 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoeacct.dll
[2011/03/25 01:28:52 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msoert2.dll
[2011/03/25 01:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\NetMeeting
[2011/03/25 01:28:50 | 000,000,000 | ---D | C] -- C:\Program Files\Outlook Express
[2011/03/25 01:28:49 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mstinit.exe
[2011/03/25 01:28:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\System
[2011/03/25 01:28:37 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer
[2011/03/25 01:28:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Pictures
[2011/03/25 01:28:36 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Documents\My Music
[2011/03/25 01:28:19 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2011/03/25 01:28:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2011/03/25 01:28:11 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
[2011/03/25 01:27:42 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
[2011/03/25 01:27:41 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2011/03/25 01:27:41 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services
[2011/03/25 01:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Player
[2011/03/25 01:27:33 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger
[2011/03/25 01:27:30 | 001,817,687 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgres.dll
[2011/03/25 01:27:30 | 000,082,501 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckg.dll
[2011/03/25 01:27:30 | 000,042,577 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bckgzm.exe
[2011/03/25 01:27:29 | 002,178,131 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlres.dll
[2011/03/25 01:27:29 | 000,780,885 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrres.dll
[2011/03/25 01:27:29 | 000,753,236 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvseres.dll
[2011/03/25 01:27:29 | 000,066,113 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvl.dll
[2011/03/25 01:27:29 | 000,048,706 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvse.dll
[2011/03/25 01:27:29 | 000,042,575 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkrzm.exe
[2011/03/25 01:27:29 | 000,042,574 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rvsezm.exe
[2011/03/25 01:27:29 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shvlzm.exe
[2011/03/25 01:27:29 | 000,040,515 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chkr.dll
[2011/03/25 01:27:28 | 001,175,635 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzres.dll
[2011/03/25 01:27:28 | 000,057,409 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtz.dll
[2011/03/25 01:27:28 | 000,042,573 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hrtzzm.exe
[2011/03/25 01:27:28 | 000,032,339 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniansi.dll
[2011/03/25 01:27:28 | 000,004,677 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zeeverm.dll
[2011/03/25 01:27:27 | 001,039,955 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnresm.dll
[2011/03/25 01:27:27 | 000,041,029 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zcorem.dll
[2011/03/25 01:27:27 | 000,013,894 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zonelibm.dll
[2011/03/25 01:27:26 | 000,217,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cmnclim.dll
[2011/03/25 01:27:26 | 000,113,222 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zoneclim.dll
[2011/03/25 01:27:26 | 000,036,937 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\zclientm.exe
[2011/03/25 01:27:26 | 000,029,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\znetm.dll
[2011/03/25 01:27:26 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Gaming Zone
[2011/03/25 01:27:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\write.exe
[2011/03/25 01:27:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2011/03/25 01:27:15 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\accwiz.exe
[2011/03/25 01:27:15 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\access.cpl
[2011/03/25 01:27:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndvol32.exe
[2011/03/25 01:27:14 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2011/03/25 01:27:14 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sndrec32.exe
[2011/03/25 01:27:13 | 000,347,136 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hypertrm.dll
[2011/03/25 01:27:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2011/03/25 01:27:13 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avtapi.dll
[2011/03/25 01:27:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2011/03/25 01:27:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avwav.dll
[2011/03/25 01:27:13 | 000,044,544 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\hticons.dll
[2011/03/25 01:27:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2011/03/25 01:27:13 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\avmeter.dll
[2011/03/25 01:27:13 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2011/03/25 01:27:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winchat.exe
[2011/03/25 01:27:12 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2011/03/25 01:27:03 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\getuname.dll
[2011/03/25 01:27:03 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2011/03/25 01:27:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2011/03/25 01:27:02 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\calc.exe
[2011/03/25 01:27:02 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2011/03/25 01:27:02 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\charmap.exe
[2011/03/25 01:27:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\sol.exe
[2011/03/25 01:27:02 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sol.exe
[2011/03/25 01:27:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mshearts.exe
[2011/03/25 01:27:01 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshearts.exe
[2011/03/25 01:27:01 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\winmine.exe
[2011/03/25 01:27:01 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmine.exe
[2011/03/25 01:27:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\freecell.exe
[2011/03/25 01:27:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\freecell.exe
[2011/03/25 01:27:00 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdshost.exe
[2011/03/25 01:27:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tskill.exe
[2011/03/25 01:27:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tskill.exe
[2011/03/25 01:27:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\reset.exe
[2011/03/25 01:27:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\reset.exe
[2011/03/25 01:26:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\regini.exe
[2011/03/25 01:26:59 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\regini.exe
[2011/03/25 01:26:59 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qwinsta.exe
[2011/03/25 01:26:59 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qwinsta.exe
[2011/03/25 01:26:59 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qprocess.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsshutdn.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsshutdn.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qappsrv.exe
[2011/03/25 01:26:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\qappsrv.exe
[2011/03/25 01:26:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwinsta.exe
[2011/03/25 01:26:59 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwinsta.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsdiscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsdiscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tscon.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\shadow.exe
[2011/03/25 01:26:59 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shadow.exe
[2011/03/25 01:26:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpcfgex.dll
[2011/03/25 01:26:59 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rdpcfgex.dll
[2011/03/25 01:26:58 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcuiu.dll
[2011/03/25 01:26:58 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxoci.dll
[2011/03/25 01:26:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msg.exe
[2011/03/25 01:26:58 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msg.exe
[2011/03/25 01:26:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cdmodem.dll
[2011/03/25 01:26:58 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cdmodem.dll
[2011/03/25 01:26:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\logoff.exe
[2011/03/25 01:26:58 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logoff.exe
[2011/03/25 01:26:57 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtctm.dll
[2011/03/25 01:26:57 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtclog.dll
[2011/03/25 01:26:57 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xolehlp.dll
[2011/03/25 01:26:56 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtsadmin.tlb
[2011/03/25 01:26:55 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dcomcnfg.exe
[2011/03/25 01:26:54 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comrepl.dll
[2011/03/25 01:26:54 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\colbact.dll
[2011/03/25 01:26:54 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\stclient.dll
[2011/03/25 01:26:54 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxlegih.dll
[2011/03/25 01:26:54 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxdm.dll
[2011/03/25 01:26:54 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comaddin.dll
[2011/03/25 01:26:54 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mtxex.dll
[2011/03/25 01:26:53 | 000,539,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comuid.dll
[2011/03/25 01:26:53 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrv.dll
[2011/03/25 01:26:53 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsnap.dll
[2011/03/25 01:26:53 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clbcatex.dll
[2011/03/25 01:26:53 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvps.dll
[2011/03/25 01:26:52 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmi2xml.dll
[2011/03/25 01:26:48 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmipicmp.dll
[2011/03/25 01:26:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmimsg.dll
[2011/03/25 01:26:48 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmitimep.dll
[2011/03/25 01:26:48 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmtr.dll
[2011/03/25 01:26:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winmgmt.exe
[2011/03/25 01:26:47 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\updprov.dll
[2011/03/25 01:26:47 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmplprov.dll
[2011/03/25 01:26:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemdisp.tlb
[2011/03/25 01:26:47 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\trnsprov.dll
[2011/03/25 01:26:47 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpcons.dll
[2011/03/25 01:26:47 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.tlb
[2011/03/25 01:26:47 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unsecapp.exe
[2011/03/25 01:26:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wbemads.dll
[2011/03/25 01:26:46 | 000,273,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msiprov.dll
[2011/03/25 01:26:46 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fwdprov.dll
[2011/03/25 01:26:45 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dsprov.dll
[2011/03/25 01:26:45 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\servdeps.dll
[2011/03/25 01:26:44 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cmprops.dll
[2011/03/25 01:26:44 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmfutil.dll
[2011/03/25 01:26:37 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2011/03/25 01:26:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mplay32.exe
[2011/03/25 01:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows NT
[2011/03/25 01:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\MSN
[2011/03/25 01:26:36 | 000,538,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spider.exe
[2011/03/25 01:26:36 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\clipbrd.exe
[2011/03/25 01:26:35 | 001,929,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuaueng.dll
[2011/03/25 01:26:35 | 000,053,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wuauclt.exe
[2011/03/25 01:26:34 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscfgwmi.dll
[2011/03/25 01:26:33 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdchost.dll
[2011/03/25 01:26:33 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tscupgrd.exe
[2011/03/25 01:26:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdsaddin.exe
[2011/03/25 01:26:32 | 000,087,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpwsx.dll
[2011/03/25 01:26:32 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpclip.exe
[2011/03/25 01:26:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\cfgbkend.dll
[2011/03/25 01:26:32 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rdpsnd.dll
[2011/03/25 01:26:32 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\icaapi.dll
[2011/03/25 01:26:31 | 000,625,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\catsrvut.dll
[2011/03/25 01:26:31 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msdtcprx.dll
[2011/03/25 01:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2011/03/25 01:26:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2011/03/25 01:26:30 | 001,267,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsvcs.dll
[2011/03/25 01:26:26 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\licwmi.dll
[2011/03/25 01:25:47 | 000,000,000 | R--D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
[2011/03/24 18:23:02 | 000,006,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\enum1394.sys
[2011/03/24 18:22:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\usbui.dll
[2011/03/24 18:22:31 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys
[2011/03/24 18:21:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC
[2011/03/24 18:21:31 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcommon.dll
[2011/03/24 18:21:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spcplui.dll
[2011/03/24 18:21:30 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spttseng.dll
[2011/03/24 18:21:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sapisvr.exe
[2011/03/24 18:21:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechEngines
[2011/03/24 18:21:28 | 000,000,000 | R--D | C] -- C:\Program Files
[2011/03/24 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Microsoft Shared
[2011/03/24 18:21:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files
[2011/03/24 18:21:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuq.dll
[2011/03/24 18:21:25 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtuf.dll
[2011/03/24 18:21:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuq.dll
[2011/03/24 18:21:25 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtuf.dll
[2011/03/24 18:21:25 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdazel.dll
[2011/03/24 18:21:25 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdazel.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycc.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbduzb.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdur.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdtat.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru1.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdru.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdmon.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkyr.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdkaz.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbu.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdblr.dll
[2011/03/24 18:21:22 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdaze.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycc.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbduzb.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdur.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdtat.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru1.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdru.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdmon.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkyr.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdkaz.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdbu.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdblr.dll
[2011/03/24 18:21:22 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdaze.dll
[2011/03/24 18:21:19 | 000,008,192 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhept.dll
[2011/03/24 18:21:19 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhept.dll
[2011/03/24 18:21:19 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela3.dll
[2011/03/24 18:21:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela3.dll
[2011/03/24 18:21:19 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhela2.dll
[2011/03/24 18:21:19 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdgkl.dll
[2011/03/24 18:21:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhela2.dll
[2011/03/24 18:21:19 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgkl.dll
[2011/03/24 18:21:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe319.dll
[2011/03/24 18:21:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe220.dll
[2011/03/24 18:21:19 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhe.dll
[2011/03/24 18:21:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe319.dll
[2011/03/24 18:21:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe220.dll
[2011/03/24 18:21:19 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhe.dll
[2011/03/24 18:21:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv1.dll
[2011/03/24 18:21:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlv.dll
[2011/03/24 18:21:17 | 000,006,144 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdest.dll
[2011/03/24 18:21:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv1.dll
[2011/03/24 18:21:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlv.dll
[2011/03/24 18:21:17 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdest.dll
[2011/03/24 18:21:17 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt1.dll
[2011/03/24 18:21:17 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdlt.dll
[2011/03/24 18:21:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt1.dll
[2011/03/24 18:21:17 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlt.dll
[2011/03/24 18:21:14 | 000,007,168 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz.dll
[2011/03/24 18:21:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdycl.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl1.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdsl.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz2.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcz1.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdcr.dll
[2011/03/24 18:21:14 | 000,006,656 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\KBDAL.DLL
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdycl.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl1.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsl.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz2.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcz1.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdcr.dll
[2011/03/24 18:21:14 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdal.dll
[2011/03/24 18:21:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdro.dll
[2011/03/24 18:21:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpl1.dll
[2011/03/24 18:21:14 | 000,005,632 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdhu1.dll
[2011/03/24 18:21:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdro.dll
[2011/03/24 18:21:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdpl1.dll
[2011/03/24 18:21:14 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdhu1.dll
[2011/03/24 18:21:10 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dllcache\dgrpsetu.dll
[2011/03/24 18:21:10 | 000,176,157 | ---- | C] (Digi International, Inc.) -- C:\WINDOWS\System32\dgrpsetu.dll
[2011/03/24 18:21:10 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dllcache\dgsetup.dll
[2011/03/24 18:21:10 | 000,085,020 | ---- | C] (Digi International) -- C:\WINDOWS\System32\dgsetup.dll
[2011/03/24 18:21:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/03/24 18:21:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/03/24 18:21:09 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\EqnClass.Dll
[2011/03/24 18:21:09 | 000,103,424 | ---- | C] (Equinox Systems Inc.) -- C:\WINDOWS\System32\dllcache\eqnclass.dll
[2011/03/24 18:21:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/03/24 18:21:09 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/03/24 18:21:09 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wfwnet.drv
[2011/03/24 18:21:09 | 000,013,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\WFWNET.DRV
[2011/03/24 18:21:09 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ver.dll
[2011/03/24 18:21:09 | 000,009,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VER.DLL
[2011/03/24 18:21:09 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vga.drv
[2011/03/24 18:21:09 | 000,002,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\VGA.DRV
[2011/03/24 18:21:08 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvideo.dll
[2011/03/24 18:21:08 | 000,126,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MSVIDEO.DLL
[2011/03/24 18:21:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olecli.dll
[2011/03/24 18:21:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLECLI.DLL
[2011/03/24 18:21:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\olesvr.dll
[2011/03/24 18:21:08 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\OLESVR.DLL
[2011/03/24 18:21:08 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tapi.dll
[2011/03/24 18:21:08 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TAPI.DLL
[2011/03/24 18:21:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell.dll
[2011/03/24 18:21:08 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SHELL.DLL
[2011/03/24 18:21:08 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\timer.drv
[2011/03/24 18:21:08 | 000,004,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\TIMER.DRV
[2011/03/24 18:21:08 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\system.drv
[2011/03/24 18:21:08 | 000,003,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SYSTEM.DRV
[2011/03/24 18:21:08 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sound.drv
[2011/03/24 18:21:08 | 000,001,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\SOUND.DRV
[2011/03/24 18:21:07 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifile.dll
[2011/03/24 18:21:07 | 000,109,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVIFILE.DLL
[2011/03/24 18:21:07 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciavi.drv
[2011/03/24 18:21:07 | 000,073,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIAVI.DRV
[2011/03/24 18:21:07 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avicap.dll
[2011/03/24 18:21:07 | 000,069,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\AVICAP.DLL
[2011/03/24 18:21:07 | 000,068,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\mmsystem.dll
[2011/03/24 18:21:07 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\commdlg.dll
[2011/03/24 18:21:07 | 000,032,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\COMMDLG.DLL
[2011/03/24 18:21:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciwave.drv
[2011/03/24 18:21:07 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCIWAVE.DRV
[2011/03/24 18:21:07 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mciseq.drv
[2011/03/24 18:21:07 | 000,025,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MCISEQ.DRV
[2011/03/24 18:21:07 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lzexpand.dll
[2011/03/24 18:21:07 | 000,009,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\LZEXPAND.DLL
[2011/03/24 18:21:07 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mouse.drv
[2011/03/24 18:21:07 | 000,002,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MOUSE.DRV
[2011/03/24 18:21:07 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\keyboard.drv
[2011/03/24 18:21:07 | 000,002,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\KEYBOARD.DRV
[2011/03/24 18:21:07 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mmtask.tsk
[2011/03/24 18:21:07 | 000,001,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System\MMTASK.TSK
[2011/03/24 18:21:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\TASKMAN.EXE
[2011/03/24 18:21:06 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\taskman.exe

========== Files - Modified Within 30 Days ==========


========== Files Created - No Company Name ==========


< End of report >

#4
Brujo

Here is the other log that you requested


Volume in drive C has no label.
Volume Serial Number is 38F7-70CC

Directory of C:\QooBox

03/30/2011 05:33 PM <DIR> .
03/30/2011 05:33 PM <DIR> ..
03/30/2011 05:32 PM 5,374 Add-Remove Programs.txt
03/30/2011 05:18 PM <DIR> BackEnv
03/30/2011 05:33 PM 550 ComboFix-quarantined-files.txt
03/30/2011 05:17 PM <DIR> Quarantine
03/30/2011 05:32 PM 1,389,310 SnapShot@2011-03-31_00.31.05.dat
3 File(s) 1,395,234 bytes

Directory of C:\QooBox\Quarantine

03/30/2011 05:17 PM <DIR> .
03/30/2011 05:17 PM <DIR> ..
03/30/2011 05:19 PM <DIR> C
03/30/2011 05:24 PM 102 catchme.log
03/30/2011 05:32 PM <DIR> Registry_backups
1 File(s) 102 bytes

Directory of C:\QooBox\Quarantine\C

03/30/2011 05:19 PM <DIR> .
03/30/2011 05:19 PM <DIR> ..
0 File(s) 0 bytes

Directory of C:\QooBox\Quarantine\Registry_backups

03/30/2011 05:32 PM <DIR> .
03/30/2011 05:32 PM <DIR> ..
03/30/2011 05:29 PM 7,039 tcpip.reg
03/30/2011 05:32 PM 132 Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829}.reg.dat
03/30/2011 05:32 PM 171 WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829}.reg.dat
3 File(s) 7,342 bytes

Total Files Listed:
7 File(s) 1,402,678 bytes
12 Dir(s) 30,065,299,456 bytes free

#5
sempai

Hi,

Can you please post the contents of C:\QooBox\ComboFix-quarantined-files.txt?


GMER Rootkit Scanner is already saved on your computer.
  • Double click GMER.exe and if you are asked if you want to allow gmer.sys driver to load, please allow it to do so.
  • If it gives you a warning about rootkit activity and asks if you want to run scan, please click on NO.
  • In the right panel you will see several boxes that have been checked. Uncheck the following checkboxes:
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Now click on the Scan button and wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in ark.txt and save it to your desktop.
  • Post the contents of that report when you reply.


#6
Brujo

GMER couldn't finish the scan. I get an error, a blue screen with something like IRQ_NOT_LESS_OR_EQUAL.
I've tried a couple of times and every time I get that blue screen. But here is the "C:\QooBox\ComboFix-quarantined-files.txt". I hope this is the file you asked for. By the way, thanks for all the help.



2011-03-31 00:32:21 . 2011-03-31 00:32:21 171 ----a-w- C:\Qoobox\Quarantine\Registry_backups\WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829}.reg.dat
2011-03-31 00:32:20 . 2011-03-31 00:32:20 132 ----a-w- C:\Qoobox\Quarantine\Registry_backups\Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829}.reg.dat
2011-03-31 00:29:43 . 2011-03-31 00:29:43 7,039 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg
2011-03-31 00:17:53 . 2011-03-31 00:24:34 102 ----a-w- C:\Qoobox\Quarantine\catchme.log

#7
sempai

Hi Brujo,

Please temporarily remove AVG so it will not interfere with ComboFix. Delete your copy of ComboFix (do not uninstall) and then download and run a new copy.


Download Combofix (by Subs) from any of the links below. Make sure that you save it to your desktop.

Link 1
Link 2

  • It's important to temporarily disable your anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. See HERE
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

*It's strongly recommended to have this pre-installed on your machine before doing any malware removal.
*The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode.
*This allows us to more easily help you should your computer have a problem after an attempted removal of malware.

  • If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures. If you did not have it installed, you will see the prompt below. Choose YES.

Posted Image


  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console.
  • When prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Important notes:

  • Leave your computer alone while ComboFix is running.
  • ComboFix will restart your computer if malware is found; allow it to do so.
  • ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
  • Please do not mouse-click ComboFix's window while it's running because it may cause it to stall.
  • ComboFix SHOULD NOT be used unless requested by a forum helper. See HERE.



#8
Brujo

    Member

  • Topic Starter
  • 34 posts
Here is the log from the scan:


ComboFix 11-04-07.06 - Owner 04/07/2011 19:18:30.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.383.243 [GMT -7:00]
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-08 to 2011-04-08 )))))))))))))))))))))))))))))))
.
.
2011-04-06 20:42 . 2011-04-06 20:42 -------- d-----w- C:\712ccdbb4162b8320b71
2011-04-03 07:28 . 2011-04-03 07:28 -------- d-----w- C:\8e921d0dbe33533a6ce5c824f77200
2011-04-03 07:06 . 2011-04-03 07:06 -------- d-----w- C:\895d0f6cb024d873ae1c
2011-03-25 23:58 . 2011-03-26 00:00 -------- d-----w- C:\e79bbe30f08b99cb9b0d237153795bcc
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-09 13:53 . 2002-09-03 16:57 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2002-09-03 16:32 186880 ----a-w- c:\windows\system32\encdec.dll
2011-01-21 14:44 . 2002-09-03 16:59 439296 ----a-w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-03-31_00.31.05 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-03-31 07:16 . 2010-03-31 07:16 99176 c:\windows\system32\PresentationHostProxy.dll
+ 2002-09-03 16:51 . 2011-04-06 21:02 67714 c:\windows\system32\perfc009.dat
- 2002-09-03 16:51 . 2011-03-30 23:33 67714 c:\windows\system32\perfc009.dat
+ 2009-11-07 08:07 . 2009-11-07 08:07 49488 c:\windows\system32\netfxperf.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2011-04-03 07:17 . 2008-04-13 18:39 14592 c:\windows\system32\drivers\kbdhid.sys
+ 2011-04-03 07:17 . 2008-04-13 18:39 14592 c:\windows\system32\dllcache\kbdhid.sys
- 2008-07-30 02:16 . 2008-07-30 02:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13648 c:\windows\Microsoft.NET\Framework\v2.0.50727\sbscmp20_mscorlib.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13648 c:\windows\Microsoft.NET\Framework\SharedReg12.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_perfcounter.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp20_mscorwks.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13648 c:\windows\Microsoft.NET\Framework\sbscmp10.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13664 c:\windows\Microsoft.NET\Framework\sbs_wminet_utils.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13688 c:\windows\Microsoft.NET\Framework\sbs_system.enterpriseservices.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13664 c:\windows\Microsoft.NET\Framework\sbs_system.data.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13696 c:\windows\Microsoft.NET\Framework\sbs_system.configuration.install.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorsec.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscorrc.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13656 c:\windows\Microsoft.NET\Framework\sbs_mscordbi.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13672 c:\windows\Microsoft.NET\Framework\sbs_microsoft.jscript.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 13664 c:\windows\Microsoft.NET\Framework\sbs_diasymreader.dll
+ 2009-11-07 08:07 . 2009-11-07 08:07 86864 c:\windows\Microsoft.NET\Framework\NETFXSBS10.exe
+ 2011-04-06 21:18 . 2011-04-06 21:18 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\5ec9dec678303ebff0ef018edb5ec595\UIAutomationProvider.ni.dll
+ 2011-04-06 22:26 . 2011-04-06 22:26 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\46ef15b88ef577de4882c519329fc5d2\System.Windows.Presentation.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\70ee6267f7bad40e8707d402277770c3\System.Web.DynamicData.Design.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\2b5ff2c6358c483eb1439b99badb54fd\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\6125ff5a4fcd93d70a246cbff3005d42\System.AddIn.Contract.ni.dll
+ 2011-04-06 21:17 . 2011-04-06 21:17 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\de26af01222270c121788161496fcfe7\PresentationFontCache.ni.exe
+ 2011-04-06 21:15 . 2011-04-06 21:15 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\3c5adeedb70e6e052a6556c6ab9b6918\PresentationCFFRasterizer.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\5e5176efbfeb803b7f217525beec6844\Microsoft.Vsa.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\e1d4e0b1f112000ab33bbaf88bd9ed99\Microsoft.Build.Framework.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\4200cf5b7f247ec1b997808c6d1ba7d1\Microsoft.Build.Framework.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\50b7fc7f36c76313cbb434b10923e4e9\dfsvc.ni.exe
+ 2011-04-06 01:12 . 2011-04-06 01:12 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\5ffa548547613dbc5a92f2c5b7cad196\Accessibility.ni.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-03-26 00:01 . 2011-03-26 00:01 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2011-04-03 07:03 . 2011-04-03 07:03 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-03-30 23:28 . 2011-03-30 23:28 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-03-30 23:27 . 2011-03-30 23:27 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-03-30 23:23 . 2011-03-30 23:23 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2010-03-31 07:10 . 2010-03-31 07:10 295264 c:\windows\system32\PresentationHost.exe
+ 2002-09-03 16:52 . 2011-04-06 21:02 432924 c:\windows\system32\perfh009.dat
- 2002-09-03 16:52 . 2011-03-30 23:33 432924 c:\windows\system32\perfh009.dat
+ 2009-11-07 08:07 . 2009-11-07 08:07 297808 c:\windows\system32\mscoree.dll
+ 2010-03-31 07:16 . 2010-03-31 07:16 130408 c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationHostDLL.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-30 02:16 . 2008-07-30 02:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2009-03-20 18:48 . 2009-03-20 18:48 183808 c:\windows\Installer\44f80.msp
+ 2010-09-24 04:02 . 2010-09-24 04:02 798208 c:\windows\Installer\37534.msp
+ 2009-03-20 18:48 . 2009-03-20 18:48 183808 c:\windows\Installer\10094f.msp
+ 2011-04-03 07:10 . 2011-04-03 07:10 970752 c:\windows\assembly\tmp\3AFLQW27\System.Deployment.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\a16b8bcca59515281688ec856c034698\WsatConfig.ni.exe
+ 2011-04-06 21:18 . 2011-04-06 21:18 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\672c4d8e3c33e309c1ed90fa4cb85aba\WindowsFormsIntegration.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\9df760fdf8071c7b0de78f39de365e6a\UIAutomationClient.ni.dll
+ 2011-04-06 21:15 . 2011-04-06 21:15 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF3.tmp\WindowsFormsIntegration.dll
+ 2011-04-06 01:17 . 2011-04-06 01:17 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\ff53d5b5249a2841ee196294429f51cf\System.Xml.Linq.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\7f9a1ae146571025fd49914b5c71a39b\System.Web.Routing.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\d0ae809162b55e2fa958739177476af8\System.Web.RegularExpressions.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\b1646e54b708b9824f4193f87eb00c0e\System.Web.Extensions.Design.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\504a93e73da77c502ecf98bfdfc1485e\System.Web.Entity.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f22334fbd9497d79448fffef515ae0cc\System.Web.Entity.Design.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\af5452305588da228a74e30324681d20\System.Web.DynamicData.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\9d9bca1a8993c427984aa1bc9c165a33\System.Web.Abstractions.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\26d5bf1f7e700c2c19aa9b1da5519b24\System.Transactions.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b000cc703c9d95593b516bf2c2ec316\System.ServiceProcess.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\75e331a5d731d8e207be07adc06dec23\System.Security.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\dd7497aa089340600c8c5af8ab421ff7\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\2a080994f308f347b0497bb8804861cf\System.Net.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\bc1cf48ba7dc00f45d0e949c49ab677a\System.Management.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\904fda53006680a67f917ab638be0305\System.Management.Instrumentation.ni.dll
+ 2011-04-06 00:23 . 2011-04-06 00:23 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\4490976887e2e5a3b594041edbdf5064\System.IO.Log.ni.dll
+ 2011-04-06 00:23 . 2011-04-06 00:23 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\77b9f6f6671aaaeb84c6907d467e792c\System.IdentityModel.Selectors.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.Wrapper.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\15724a7517f939c9b300f341fb5620b8\System.EnterpriseServices.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\849e98c9f428a12cb581320a23f69dbd\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\7a823a4f61cf8c86aad02559f8fed07b\System.DirectoryServices.Protocols.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\ad95820d2e29e8d55c0d8a838214c6e5\System.Data.Services.Design.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\617acb0d900bdde947ec79f7b5ccc183\System.Data.Services.Client.ni.dll
+ 2011-04-06 01:14 . 2011-04-06 01:14 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\165bd290e518b9397ca55192985fdee3\System.Data.Entity.Design.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\41345e34f26854fc1878eae3e4d5d4a5\System.Data.DataSetExtensions.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\ab688d0f9f333ba117832726bfb589c1\System.Configuration.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\b48677ab9aa7a6830785f67b8478b4da\System.Configuration.Install.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\93a0958d5557e2b380647af0171ad354\System.AddIn.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\d0758f84e927e3f0a15a6cde1b96d835\SMSvcHost.ni.exe
+ 2011-04-06 01:12 . 2011-04-06 01:12 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8043a108e3bb2d3dcc84b547b8085e99\SMDiagnostics.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\72d3aacfca2e1ce835c210f5a1decb36\ServiceModelReg.ni.exe
+ 2011-04-06 21:18 . 2011-04-06 21:18 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e7e7321956e6822b1bf3691c35c842f6\PresentationFramework.Aero.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a14488afff027f0f2985e659449097f5\PresentationFramework.Royale.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\787e60c5dd562cb45887080095d2a3b7\PresentationFramework.Classic.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\2313ccc125dcb6a9800048ec1c51ec12\PresentationFramework.Luna.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\5db9c32d9f352162e6da220ca463db0d\MSBuild.ni.exe
+ 2011-04-06 01:12 . 2011-04-06 01:12 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\fcf975f74bd134d8e0fa8f37c5bc6a8c\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\d6b9038136600fbfbbbd7460dc19da19\Microsoft.Build.Utilities.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\585cc7218599e7806521d0e737ba5ffb\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\3057ec53731286e69e389d103c32fa41\Microsoft.Build.Engine.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\914e338ac6e92714f3e32ae5d89bf03b\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\12ae6f3635448471fc9f7d8bfe39c67d\CustomMarshalers.ni.dll
+ 2011-04-06 01:11 . 2011-04-06 01:11 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\daca3c9ad6d867d3fec70d14b4f20cf3\ComSvcConfig.ni.exe
+ 2011-04-06 01:12 . 2011-04-06 01:12 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\af4a3ae6d5c1cafa57002beb487b8d7a\AspNetMMCExt.ni.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-04-03 07:03 . 2011-04-03 07:03 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2011-04-03 07:03 . 2011-04-03 07:03 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-03-30 23:29 . 2011-03-30 23:29 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-03-30 23:29 . 2011-03-30 23:29 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-03-30 23:28 . 2011-03-30 23:28 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-03-30 23:27 . 2011-03-30 23:27 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2011-04-03 07:03 . 2011-04-03 07:03 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2011-03-26 00:01 . 2011-03-26 00:01 110592 c:\windows\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMdiagnostics.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-03-30 23:24 . 2011-03-30 23:24 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-03-30 23:26 . 2011-03-30 23:26 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-03-30 23:25 . 2011-03-30 23:25 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-06 20:56 . 2011-04-06 20:56 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-03-30 23:28 . 2011-03-30 23:28 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2009-11-07 08:06 . 2009-11-07 08:06 1130824 c:\windows\system32\dfshim.dll
+ 2010-04-08 06:48 . 2010-04-08 06:48 5967872 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.dll
+ 2009-11-09 07:25 . 2009-11-09 07:25 1935360 c:\windows\Installer\2e42b.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17 4210688 c:\windows\Installer\2e41b.msp
+ 2009-11-09 07:25 . 2009-11-09 07:25 1935360 c:\windows\Installer\2a78c.msp
+ 2009-11-09 07:25 . 2009-11-09 07:25 1935360 c:\windows\Installer\2920e.msp
+ 2011-03-31 00:57 . 2011-03-31 00:57 3272704 c:\windows\Installer\13fda8.msi
+ 2011-03-31 00:46 . 2011-03-31 00:46 1611776 c:\windows\Installer\13fda4.msi
+ 2009-11-09 07:25 . 2009-11-09 07:25 1935360 c:\windows\Installer\100951.msp
+ 2011-03-26 00:19 . 2011-03-26 00:19 5283840 c:\windows\assembly\temp\RZ5BGMSX39\PresentationFramework.dll
+ 2011-04-06 21:16 . 2011-04-06 21:16 3325440 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cec7ecb8eac09dd630d180ce87d23b80\WindowsBase.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 1049600 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\b7f6e7b265f9aae807ddc4284563e550\UIAutomationClientsideProviders.ni.dll
+ 2011-04-03 07:08 . 2011-04-03 07:08 2516480 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP10B.tmp\System.Data.Linq.dll
+ 2011-04-06 01:17 . 2011-04-06 01:17 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\bec60fe2e934a6284224ab45b0e981e2\System.WorkflowServices.ni.dll
+ 2011-04-06 01:17 . 2011-04-06 01:17 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\09da139c48e2f5e76994a5c0f2e5b19e\System.Workflow.Runtime.ni.dll
+ 2011-04-06 01:17 . 2011-04-06 01:17 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\6809417da74ff937e18b3034f1eac2f2\System.Workflow.ComponentModel.ni.dll
+ 2011-04-06 01:17 . 2011-04-06 01:17 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\6c91ee82035d30efa8893e7b0396bbb0\System.Workflow.Activities.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\181254ba0cb690decedb950fd26d7bea\System.Web.Services.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\4200f716e9a41cb91d17516ba864e586\System.Web.Mobile.ni.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 2405376 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\da367bc2ecf2c9c5b4f858b6dba9e2ea\System.Web.Extensions.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\8e34e273d036b7468fc4e951a1fde437\System.ServiceModel.Web.ni.dll
+ 2011-04-06 00:24 . 2011-04-06 00:24 2345472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\8061a0f5c1c2ee0549e19224352f67fa\System.Runtime.Serialization.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 1035776 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\99767d4df92b83fdfb06012512722ec1\System.Printing.ni.dll
+ 2011-04-06 00:22 . 2011-04-06 00:22 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\095bb4f033374647b6d66c51f16bb886\System.IdentityModel.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\d20b7e58607ddb1ded9b687627ae8c21\System.DirectoryServices.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 1801216 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\daa33674d4250e38a24b70180d209ac8\System.Deployment.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 2510336 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\f0470c2be4e6bb1dadbeed43e4e8af5c\System.Data.SqlXml.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\b8c9267d87b7358e1a5f00bf1572c313\System.Data.Services.ni.dll
+ 2011-04-03 07:13 . 2011-04-03 07:13 2379264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\7a688e38dec653d31c6fd17384ecc022\System.Data.Linq.ni.dll
+ 2011-04-06 01:14 . 2011-04-06 01:14 9924096 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\6ce886492d9b6a34555be3f328682ec2\System.Data.Entity.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 2128896 c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\3e85c3d63ce3c3f37061aa626feb2a52\ReachFramework.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 1657856 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\bf67db30179ff6e8cb1bdbaa290d122e\PresentationUI.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a27783547338dbebf84101a685ba641b\Microsoft.VisualBasic.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 1093120 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\773d7bf69a9a0c0556aa41f53e75ab05\Microsoft.Transactions.Bridge.ni.dll
+ 2011-04-06 01:15 . 2011-04-06 01:15 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\16ff33f07efdb9da2a18e27585c604be\Microsoft.JScript.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 1620992 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d0fb91b296616a1a844bf265947018ee\Microsoft.Build.Tasks.ni.dll
+ 2011-04-06 01:13 . 2011-04-06 01:13 1966080 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\892e993c8df1c75081113131dc429c15\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-04-06 01:12 . 2011-04-06 01:12 1888768 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d0beebd2c9045158cdcd4bd5987b717b\Microsoft.Build.Engine.ni.dll
+ 2011-04-06 21:12 . 2011-04-06 21:12 1249280 c:\windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
- 2011-03-30 23:29 . 2011-03-30 23:29 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-03-30 23:29 . 2011-03-30 23:30 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2011-03-26 00:23 . 2011-03-26 00:23 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-04-06 00:31 . 2011-04-06 00:31 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-04-03 07:03 . 2011-04-03 07:03 5967872 c:\windows\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-04-06 21:12 . 2011-04-06 21:12 5279744 c:\windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
- 2011-03-30 23:23 . 2011-03-30 23:23 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-04-06 20:55 . 2011-04-06 20:55 5242880 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2011-03-30 23:29 . 2011-03-30 23:29 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-04-06 20:58 . 2011-04-06 20:58 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-03-26 00:01 . 2011-03-26 00:01 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
+ 2011-04-06 21:12 . 2011-04-06 21:12 4210688 c:\windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
- 2011-03-30 23:27 . 2011-03-30 23:27 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2011-04-06 20:57 . 2011-04-06 20:57 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2010-03-31 08:23 . 2010-03-31 08:23 15638528 c:\windows\Installer\3752d.msp
+ 2010-04-12 05:17 . 2010-04-12 05:17 14599680 c:\windows\Installer\2e429.msp
+ 2010-03-31 08:23 . 2010-03-31 08:23 15638528 c:\windows\Installer\2a798.msp
+ 2011-04-06 01:04 . 2011-04-06 01:04 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8F.tmp\System.ServiceModel.dll
+ 2011-04-06 01:16 . 2011-04-06 01:16 11800576 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\41f436dae3c8146752d06130f7331527\System.Web.ni.dll
+ 2011-04-06 01:11 . 2011-04-06 01:11 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\75aeb590008d6e166f7be18f935c52d2\System.ServiceModel.ni.dll
+ 2011-04-06 21:18 . 2011-04-06 21:18 14328320 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a632f3ef85ffd35341b383eed577cb93\PresentationFramework.ni.dll
+ 2011-04-06 21:17 . 2011-04-06 21:17 12215808 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\f00db8db51f5707c7fe52c0683dc6136\PresentationCore.ni.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-08 c:\windows\Tasks\User_Feed_Synchronization-{0CA1D476-9C73-4E2D-8345-067C08B14ED8}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-07 19:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2011-04-07 19:27:15
ComboFix-quarantined-files.txt 2011-04-08 02:27
ComboFix2.txt 2011-03-31 00:33
.
Pre-Run: 29,906,456,576 bytes free
Post-Run: 30,008,565,760 bytes free
.
- - End Of File - - EEA7A9C4EBBC8149893A094CADCB98B3

#9
sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
Hi,

Installed AVG free version and I did a scan and found a Rootkit

Do you have more info about this? Like file name or file path.


Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)

In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracting ZIP and RAR compressed files. If you don't have an extraction program, you can download, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".

#10
Brujo

    Member

  • Topic Starter
  • 34 posts
When doing the scan with Combofix it took a while to load; once it did, a screen appeared saying that it found a Rootkit and the computer needed to be restarted. I clicked OK, it rebooted and the scan started. This is the log from the AVG Rootkit scan (I think).

"Scan ""Anti-Rootkit scan"" completed."
"Rootkits";"13";"0";"13"
""
"Scan started:";"Friday, March 25, 2011, 12:23:08 PM"
"Scan finished:";"Friday, March 25, 2011, 12:27:41 PM (4 minute(s) 32 second(s))"
"Total object scanned:";"22440"
"User who launched the scan:";"SYSTEM"

"Rootkits"
"";"File";"Infection";"Result"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\kmixer IRP_MJ_CREATE -> ks.sys KsAllocateObjectHeader+0xEC";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\kmixer IRP_MJ_CLOSE -> ks.sys KsDereferenceSoftwareBusObject+0x14";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\kmixer IRP_MJ_WRITE -> ks.sys KsProbeStreamIrp+0x187";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\kmixer IRP_MJ_DEVICE_CONTROL -> ks.sys KsTopologyPropertyHandler+0x8D";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\kmixer IRP_MJ_POWER -> ks.sys KsDefaultDispatchPower";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\sysaudio IRP_MJ_CREATE -> ks.sys KsAllocateObjectHeader+0xEC";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\sysaudio IRP_MJ_CLOSE -> ks.sys KsDereferenceSoftwareBusObject+0x14";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\sysaudio IRP_MJ_WRITE -> ks.sys KsProbeStreamIrp+0x187";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\sysaudio IRP_MJ_DEVICE_CONTROL -> ks.sys KsTopologyPropertyHandler+0x8D";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\sysaudio IRP_MJ_POWER -> ks.sys KsDefaultDispatchPower";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\sysaudio IRP_MJ_SYSTEM_CONTROL -> ks.sys KsDefaultForwardIrp";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\wdmaud IRP_MJ_POWER -> ks.sys KsDefaultDispatchPower";"Object is white-listed (critical/system file that should not be removed)"
"";"C:\WINDOWS\System32\DRIVERS\ks.sys";"IRP hook, \Driver\wdmaud IRP_MJ_SYSTEM_CONTROL -> ks.sys KsDefaultForwardIrp";"Object is white-listed (critical/system file that should not be removed)"


#11
Brujo

    Member

  • Topic Starter
  • 34 posts
This is the scan from RKUnhooker


RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0x804D7000 C:\WINDOWS\system32\ntoskrnl.exe 2192768 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2192768 bytes
0x804D7000 RAW 2192768 bytes
0x804D7000 WMIxWDM 2192768 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xBF04D000 C:\WINDOWS\System32\ati3d1ag.dll 831488 bytes (ATI Technologies Inc. , ati3d1ag.dll)
0xF751E000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xF73FA000 C:\WINDOWS\System32\DRIVERS\ati2mtag.sys 540672 bytes (ATI Technologies Inc., ATI Radeon Miniport Driver)
0xEFA07000 C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF7290000 C:\WINDOWS\System32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xEFD13000 C:\WINDOWS\System32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xEC1B5000 C:\WINDOWS\System32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xBF118000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xEFB12000 C:\WINDOWS\system32\DRIVERS\avgtdix.sys 290816 bytes (AVG Technologies CZ, s.r.o., AVG Network connection watcher)
0xEBE2C000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xF7337000 C:\WINDOWS\system32\drivers\stac97.sys 266240 bytes (SigmaTel, Inc., SigmaTel Audio Driver (WDM))
0xEC941000 C:\WINDOWS\system32\DRIVERS\avgldx86.sys 245760 bytes (AVG Technologies CZ, s.r.o., AVG AVI Loader Driver)
0xBF012000 C:\WINDOWS\System32\ati2dvag.dll 241664 bytes (ATI Technologies Inc., ATI Radeon WindowsNT Display Driver)
0xF765A000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xEC745000 C:\WINDOWS\System32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF74F1000 NDIS.sys 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xEFA77000 C:\WINDOWS\System32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xF7399000 C:\WINDOWS\System32\DRIVERS\bcmwl5.sys 167936 bytes (Broadcom Corporation, Broadcom Corporation NDIS 5.0 wireless driver)
0xEFAC4000 C:\WINDOWS\System32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xEFAEC000 C:\WINDOWS\System32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xF73C2000 C:\WINDOWS\System32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xEFAA2000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0xF7378000 C:\WINDOWS\System32\DRIVERS\ks.sys 135168 bytes (Microsoft Corporation, Kernel CSA Library)
0xF7316000 C:\WINDOWS\system32\drivers\portcls.sys 135168 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xEC235000 C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys 131072 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Driver.)
0xF75D4000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF760C000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xF762B000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF74D7000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF75F4000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xEC929000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xF75AB000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF72FF000 C:\WINDOWS\System32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xEC468000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF73E6000 C:\WINDOWS\System32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0x806EF000 ACPI_HAL 81152 bytes
0x806EF000 C:\WINDOWS\system32\hal.dll 81152 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xEFD6C000 C:\WINDOWS\System32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF75C2000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7649000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF72EE000 C:\WINDOWS\System32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF201E000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF7829000 C:\WINDOWS\System32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF7739000 C:\WINDOWS\System32\DRIVERS\nic1394.sys 65536 bytes (Microsoft Corporation, IEEE1394 Ndis Miniport and Call Manager)
0xF76B9000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF00A6000 C:\WINDOWS\System32\DRIVERS\arp1394.sys 61440 bytes (Microsoft Corporation, IP/1394 Arp Client)
0xF7849000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7839000 C:\WINDOWS\System32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xF0056000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF78F9000 C:\WINDOWS\System32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF76C9000 C:\WINDOWS\System32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xF7709000 C:\WINDOWS\System32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF7819000 C:\WINDOWS\System32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF7859000 C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF76E9000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF71F8000 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys 49152 bytes (AVG Technologies CZ, s.r.o., AVG Resident Shield Minifilter Driver)
0xF7879000 C:\WINDOWS\System32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF7719000 agp440.sys 45056 bytes (Microsoft Corporation, 440 NT AGP Filter)
0xF00B6000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF76D9000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF7869000 C:\WINDOWS\System32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF76A9000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF78B9000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xF7899000 C:\WINDOWS\System32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF76F9000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xEBF55000 C:\WINDOWS\System32\DRIVERS\HIDCLASS.SYS 36864 bytes (Microsoft Corporation, Hid Class Library)
0xF7809000 C:\WINDOWS\System32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF7889000 C:\WINDOWS\System32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF0635000 C:\WINDOWS\System32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xECC6D000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF0645000 C:\WINDOWS\System32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF04FB000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7959000 C:\WINDOWS\System32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7939000 avgrkx86.sys 28672 bytes (AVG Technologies CZ, s.r.o., AVG Anti-Rootkit Driver)
0xF0F41000 C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS 28672 bytes (Microsoft Corporation, Hid Parsing Library)
0xF7929000 C:\WINDOWS\System32\Drivers\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7991000 C:\WINDOWS\System32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF7989000 C:\WINDOWS\System32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7951000 C:\WINDOWS\System32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF0F39000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF7A81000 C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys 20480 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Filter Driver.)
0xF7A59000 C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys 20480 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Loader Driver.)
0xF0503000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF7931000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF79A1000 C:\WINDOWS\System32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF79A9000 C:\WINDOWS\System32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xF7999000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xEFDBF000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xF7AC5000 AVGIDSEH.Sys 16384 bytes (AVG Technologies CZ, s.r.o. , IDS Application Activity Monitor Helper Driver.)
0xF7AC1000 C:\WINDOWS\System32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF7B69000 C:\WINDOWS\System32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xEBEAD000 C:\WINDOWS\system32\DRIVERS\kbdhid.sys 16384 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7B85000 C:\WINDOWS\System32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xEC911000 C:\WINDOWS\System32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF7AB9000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF7ABD000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xEE348000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xEC0D5000 C:\WINDOWS\System32\DRIVERS\hidusb.sys 12288 bytes (Microsoft Corporation, USB Miniport Driver for Input Devices)
0xEBDF4000 C:\WINDOWS\System32\DRIVERS\mouhid.sys 12288 bytes (Microsoft Corporation, HID Mouse Filter Driver)
0xF7B75000 C:\WINDOWS\System32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF20BC000 C:\WINDOWS\System32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF7C39000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF7BFD000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF7C37000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7BAD000 intelide.sys 8192 bytes (Microsoft Corporation, Intel PCI IDE Driver)
0xF7BA9000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF7C3B000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF7C3D000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7BD5000 C:\WINDOWS\System32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7BD9000 C:\WINDOWS\System32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7BAB000 C:\WINDOWS\System32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7D7E000 C:\WINDOWS\System32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xED2CC000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xEFF88000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7C71000 PCIIde.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================

#12
sempai

    Trusted Helper

  • Malware Removal
  • 785 posts
Hi,

1. Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

  • Please click this link-->Jotti
  • When the jotti page has finished loading, click the Browse button and navigate to the following file and click Submit.

    C:\WINDOWS\System32\DRIVERS\ks.sys

  • Please post back the results of the scan in your next post.
  • If Jotti is busy, try the same at Virustotal:




2. Download TDSSKiller.zip from Kaspersky and save it to your Desktop.
  • Extract the zip file to its own folder.
  • Double click TDSSKiller.exe to run the program (Run as Administrator for Vista/Windows 7).
  • Click Start scan to start scanning.
  • If infection is detected, the default setting for "action" is Cure (Please click on it and change it to skip).
  • Click on Report to generate a log.
  • Please post that log when you reply.


#13
Brujo

    Member

  • Topic Starter
  • 34 posts
Both scans didn't find anything at all.

Jotti didn't have a report, I think. Found nothing.

and here is the scan of TDSSKiller

2011/04/09 11:33:35.0040 1708 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/09 11:33:35.0981 1708 ================================================================================
2011/04/09 11:33:35.0981 1708 SystemInfo:
2011/04/09 11:33:35.0981 1708
2011/04/09 11:33:35.0981 1708 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/09 11:33:35.0981 1708 Product type: Workstation
2011/04/09 11:33:35.0981 1708 ComputerName: TRANSMETAL
2011/04/09 11:33:35.0981 1708 UserName: Owner
2011/04/09 11:33:35.0981 1708 Windows directory: C:\WINDOWS
2011/04/09 11:33:35.0981 1708 System windows directory: C:\WINDOWS
2011/04/09 11:33:35.0981 1708 Processor architecture: Intel x86
2011/04/09 11:33:35.0981 1708 Number of processors: 1
2011/04/09 11:33:35.0981 1708 Page size: 0x1000
2011/04/09 11:33:35.0981 1708 Boot type: Normal boot
2011/04/09 11:33:35.0981 1708 ================================================================================
2011/04/09 11:33:40.0528 1708 Initialize success
2011/04/09 11:33:46.0546 2740 ================================================================================
2011/04/09 11:33:46.0546 2740 Scan started
2011/04/09 11:33:46.0546 2740 Mode: Manual;
2011/04/09 11:33:46.0546 2740 ================================================================================
2011/04/09 11:35:16.0326 2740 ================================================================================
2011/04/09 11:35:16.0326 2740 Scan finished
2011/04/09 11:35:16.0326 2740 ================================================================================

Edited by Brujo, 09 April 2011 - 12:43 PM.


#14
Brujo

Here is the result of Jotti's.

Attached Thumbnails

  • Jottis scan results.JPG


#15
sempai

    Trusted Helper

  • Malware Removal
Hi Brujo,

Some legitimate applications use rootkit techniques for various reasons. The file ks.sys is part of the Microsoft Windows operating system; it's the Microsoft Windows Kernel CSA library file. AVG is just enumerating that there is a certain hook that acts like a rootkit, but it doesn't always mean that you're dealing with a rootkit.

None of the scanners that we've used show malware or a rootkit, except for AVG. Please let me know your thoughts.